Diffie-Hellman public key error with Tomcat 7

Question

I successfully set up two Ubuntu machines with Tomcat and SSL certificates. I followed exactly the same procedure with Centos 6, but I'm getting this when I'm trying to connect to the Server (using Opera):

Server has a weak, ephemeral Diffie-Hellman public key

The connector is the following, and there are no errors in catalina.log:

<Connector port="some port number"  
           protocol="org.apache.coyote.http11.Http11Protocol" 
           SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="path to jks"
           keystoreType="JKS"
           keystorePass="mypass1"
           keyPass="mypass2"  />

With Firefox, I get the untrusted communication error.

score 30 · Accepted Answer · answered Jun 25 '15 at 07:57

30

For me it worked after adding a list of allowed ciphers to the Tomcat configuration in conf/server.xml to disable the weak Diffie-Hellman ciphers:

    <Connector
        ...
        ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"
        ...

answered Jun 25 '15 at 07:57

centic

15,565
9
68
125

2

Do we know if this list is definitive? Where/how do we conform that list for each version of Tomcat? – Techmag Aug 10 '15 at 19:53
I did not find one and it is likely hard to provide a generic list as some ciphers are deemed save by some and unsafe by others. So it largely depends on yourenvironment, if you control the client you can even narrow it down to only one that you would like to use. – centic Aug 11 '15 at 18:10
here are some further links that explain this with some more detail https://blog.eveoh.nl/2014/02/tls-ssl-ciphers-pfs-tomcat/ http://devtidbits.com/2015/05/13/secure-and-harden-apache-tomcats-ssltls/ http://security.stackexchange.com/questions/89689/what-is-logjam-and-how-do-i-prevent-it – eramm Sep 03 '15 at 15:54
For all them poor bastards running Tomcat 5.5/Java 6: APR connector is a way to do it – Jochen Bedersdorfer Sep 08 '15 at 21:47
Fantastic. I was following tutorials to get an existing wildcard cert running on a new Tomcat instance and this was the last hurdle. Thanks! – Ternary Sep 23 '15 at 14:41
About a year ago, I added some sample configurations on the OWASP guide which work. This would be a good place to contribute any improvements for all to benefit from. https://www.owasp.org/index.php/Securing_tomcat#Sample_Configuration_-_Better_Security – Richard Brightwell Nov 06 '15 at 13:57

score 7 · Answer 2 · edited Mar 17 '17 at 13:14

This is due to the fact that new browser versions have started to either issue warning/errors when accessing web sites which are configured with weak DH ciphers for SSL. For more information about issue follow below links

https://weakdh.org

logjam issue

To fix this either you can find a way around this at browser side or server side. Servers side is the best as it will fix the issue for all users , if they are accessing server from different browsers/locations.

Fix the issue we have to make sure our server (in this case tomcat) use strong ciphers for SSL.

In tomcat, there are two different implementations of SSL. Defautl is JSSE implementation provided as part of the Java runtime. Other being APR implementation, which uses the OpenSSL engine by default.

JSSE since it's dependent on the Java runtime, we have to first find out which Java version we are using with tomcat. Tomcat 7 supports java 1.6 upwards. Then we have to find the respective cipher suites supported by relevant java version of JSSE. Weak ones are which which has 'DHE', so pick ones which does not contain 'DHE'. Few of stronger suites for java 1.6 JSSE is listed below.

TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_RC4_128_SHA
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDH_RSA_WITH_RC4_128_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_ECDSA_WITH_NULL_SHA
TLS_ECDH_RSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA
TLS_ECDHE_RSA_WITH_NULL_SHA
...

Compile a list of strong cipher suits and add it to the connector ciphers in conf/server.xml in your tomcat

<Connector
...
ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_RC4_128_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_NULL_SHA,TLS_ECDH_RSA_WITH_NULL_SHA,TLS_ECDHE_ECDSA_WITH_NULL_SHA,TLS_ECDHE_RSA_WITH_NULL_SHA"
...
/>

Restart the server and error/warning should go away. Remember if Java version is different copy/pasting above might not work. So refer to correct version and supported cipher suites.

Note: To be able to use the 256 bit AES Ciphers, it is necessary to install the JCE Unlimited Strength Jurisdiction Policy Files

If Tomcat is configured to use APR instead of JSSE, above configuration will not work. You can enable strong cipher suites by following tomcat ssl configuration guide for APR and logjam admin guide .

score 2 · Answer 3 · answered Nov 24 '15 at 09:40

Add this into the server.xml file and restart the server

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
       maxThreads="150" scheme="https" secure="true"
       keystoreFile="keystorePath"
       keystorePass="keystorepass"
       ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"
       clientAuth="false" sslProtocol="TLS"/>

Try to browse with https://localhost:8443

score 1 · Answer 4 · edited Sep 09 '15 at 12:56

It works with Google Chrome ver.44 and Thanks to Jason Scroggins for suggesting:

In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.
In the search box above the list, type or paste dhe and pause while the list is filtered.
Double-click the security.ssl3.dhe_rsa_aes_128_sha preference to switch it from true to false (disable Firefox from using this cipher).
Double-click the security.ssl3.dhe_rsa_aes_256_sha preference to switch it from true to false (disable Firefox from using this cipher).

score 0 · Answer 5 · answered Oct 10 '15 at 11:42

0

For me,It was the issue of java version being used by tomcat. I changed the version from JDK 6 to JDK 1.7_080 and the error vanished.

When I said I changed the JAVA version,I meant I modified the environment variable "JAVA_HOME".

answered Oct 10 '15 at 11:42

Swapnil

35
1
10

Diffie-Hellman public key error with Tomcat 7

5 Answers5

Linked