0 Replies Latest reply on Jul 1, 2016 12:54 AM by andreaspa

    Problems with connecting to UM 3.3.3 with some browsers? Read this!

    andreaspa Enthusiast

      Hi,

       

      I've had issues with connecting to UM with Firefox for a while due to the error "SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY". IE has worked fine, but seems like MS fixed this in WIndows 10 (or one of the latest patches for IE), so now IE won't work either.

      Found a KB article that helps out with this problem:

      Accessing the vSphere Web Client 5.1 fails with the error: SSL received a weak ephemeral Diffie-Hellman key in Server Ke…

       

      It is for the Web Client, but the common denominator here is Tomcat.

       

      For UM, this is the file you want to edit:

      /usr/local/tcserver/vfabric-tc-server-standard/um/conf/server.xml

       

      Find the <Connector port="8443"... part of the config, delete everything from the ciphers value and make sure it is set to this afterwards:

      ciphers="TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA"

       

      I would recommend doing this via SSH, but it can be done from the console as well. This is how it looks like when it is finished:

      After editing, make sure to restart tomcat (I did this with "/etc/init.d/tomcat restart", you may do it differently )

       

      Hope this helps some of you!