Thanks Brent. I had found similar discussions but not on that message list.
After reading that though, and from the other things I’ve found, it seems the correct fix is to change the setting on the Jenkins server because we already are using 1024-bit certificates. I had found a page that discusses how to fix the issue on Jetty implementations, but the specified file did not exist (or perhaps I couldn’t find it) in Jenkins. My real question then is what do I modify in our Jenkins implementation to get around this issue? Assuming that there is something to modify… From: jenkinsci-users@googlegroups.com [mailto:jenkinsci-users@googlegroups.com] On Behalf Of Brent Atkinson Sent: Tuesday, October 27, 2015 4:27 PM To: jenkinsci-users@googlegroups.com Subject: Re: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key" https://productforums.google.com/forum/#!topic/chrome/o3vZD-Mg2Ic On Tue, Oct 27, 2015 at 1:31 PM, Roger Moore <rmoo...@ra.rockwell.com<mailto:rmoo...@ra.rockwell.com>> wrote: Has anyone else seen a problem accessing Jenkins after Chrome was updated to v45? Chrome reports: "This error can occur when connecting to a secure (HTTPS) server. It means that the server is trying to set up a secure connection but, due to a disastrous misconfiguration, the connection wouldn't be secure at all! In this case the server needs to be fixed. Google Chrome won't use insecure connections in order to protect your privacy." A similar error occurs in Firefox v39.0, which reports: "An error occurred during a connection to 'servername:portnumber'. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)." I can connect using IE and Safari though. The Jenkins logs do not provide messages at the time when the attempt to connect is made. I tried looking at the Jenkins configuration and using Google searches, but could not find where to change the setting in Jenkins to force Jenkins to use the stronger key. Any suggestions would be appreciated. Roger Moore -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com<mailto:jenkinsci-users%2bunsubscr...@googlegroups.com>. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/SN1PR08MB198183FA4F85C5148C4BEEEEB6220%40SN1PR08MB1981.namprd08.prod.outlook.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com<mailto:jenkinsci-users+unsubscr...@googlegroups.com>. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CALyHw0HLs%2BOi8_58-W6gAwfSK0k-%3DOgRi_M4bSngm4tOs319EA%40mail.gmail.com<https://groups.google.com/d/msgid/jenkinsci-users/CALyHw0HLs%2BOi8_58-W6gAwfSK0k-%3DOgRi_M4bSngm4tOs319EA%40mail.gmail.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/SN1PR08MB19819521575455091AD09AD5B6210%40SN1PR08MB1981.namprd08.prod.outlook.com. For more options, visit https://groups.google.com/d/optout.
