Resolving ERR_SSL_WEAK_EPHEMERAL_DH_KEY error in WSO2 Products (Server has a weak ephemeral Diffie-Hellman public key).

With the latest browsers (Firefox v39.0, Chrome v45.0), you will probably hit the following issue, which is caused by the use of weak DHE ciphers for SSL communication in WSO2 products.

To resolve this issue, you have the following three options.

Option 1. Disable all DHE ciphers that are in use.

You can configure the following cipher suites for SSL communication in CARBON_HOME/repository/conf/tomcat/catalina-server.xml. The ciphers parameter must be configured inside the TLS connector element.

ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA"

To achieve “Perfect Forward Secrecy”, we usually need the DHE or ECDHE ciphers. Therefore, removing the DHE ciphers completely is not a good option.

Option 2. Use a 1024-bit (or larger) Diffie-Hellman group for the DHE_RSA SSL cipher suites.

You need to use Java 8.0 for this. The following parameter, which was introduced in Java 8.0, can be used to set the ephemeral DH key size to a larger value.

-Djdk.tls.ephemeralDHKeySize=2048

Java 7.0 does not support a 1024-bit key size, and you cannot use the above parameter to configure a larger key size (in the latest public releases of Java 7.0).

Currently, WSO2 products cannot be run using Java 8.0. Therefore, this is not an option. But future releases of WSO2 products would be able to run using Java 8.0, and you can then use the DHE ciphers with a larger key size.

Option 3. Enable ECDHE and disable DHE (preferable)
We can enable only the ECDHE ciphers in WSO2 servers, without using the DHE ciphers. This avoids the weak DHE key problem and still provides “Perfect Forward Secrecy”.

You can add the following cipher suites for SSL communication in CARBON_HOME/repository/conf/tomcat/catalina-server.xml. The ciphers parameter must be configured inside the TLS connector element.

ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"

 

Let's see how you can verify the cipher suite that is used for SSL communication.

Step 1. Start WSO2 server with SSL debug logs.

>sh wso2server.sh -Djavax.net.debug=ssl:handshake

Step 2. Try to connect to the SSL port using a browser.

Step 3. Find the selected cipher suite in the SSL debug logs.

*** ServerHello, TLSv1.1
RandomCookie: GMT: 1425380698 bytes =
Session ID:
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
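
As an added example (not part of the original article or of WSO2's code), the following Python script checks both ends of this procedure: it classifies the ciphers configured on each SSL connector in catalina-server.xml by key exchange, and reads the selected suite from the javax.net.debug output. The sample XML and log are constructed, and the function names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

def key_exchange(suite):
    """Classify a JSSE cipher suite name by its key exchange."""
    if "_ECDHE_" in suite:
        return "ECDHE"   # ephemeral elliptic-curve DH: forward secrecy
    if "_DHE_" in suite:
        return "DHE"     # finite-field DH: the key the browsers reject as weak
    return "static"      # e.g. TLS_RSA_* / SSL_RSA_*: no forward secrecy

def audit_connectors(xml_text):
    """Return {port: [(suite, key_exchange), ...]} for SSL-enabled Connectors.

    A connector without a ciphers attribute maps to None: the JVM default
    list applies, and that list can still contain DHE suites.
    """
    report = {}
    for conn in ET.fromstring(xml_text).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue
        ciphers = conn.get("ciphers")
        report[conn.get("port")] = None if ciphers is None else [
            (s.strip(), key_exchange(s.strip()))
            for s in ciphers.split(",") if s.strip()]
    return report

def negotiated_suites(debug_log):
    """Suites the server selected, read from the ServerHello debug output."""
    # "Cipher Suite:" (singular) is the server's choice; the ClientHello
    # offer is printed as "Cipher Suites:" and is not matched here.
    found = re.findall(r"^Cipher Suite:\s*(\S+)", debug_log, re.MULTILINE)
    return [(s, key_exchange(s)) for s in found]

# Constructed sample input (not taken from a real deployment).
SAMPLE_XML = """<Server><Service name="Catalina">
  <Connector port="9763" protocol="HTTP/1.1"/>
  <Connector port="9443" SSLEnabled="true" scheme="https" secure="true"
    ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA"/>
</Service></Server>"""
SAMPLE_LOG = """*** ServerHello, TLSv1.1
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
"""

if __name__ == "__main__":
    for port, suites in audit_connectors(SAMPLE_XML).items():
        for suite, kx in suites or [("<JVM defaults>", "unknown")]:
            print(port, kx, suite)
    print(negotiated_suites(SAMPLE_LOG))
```

Any suite reported as DHE in the configuration, or in the negotiated list, means the connector can still trigger the browser error.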

Thanks for reading..!!!
