[ https://issues.apache.org/jira/browse/KNOX-566?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14625728#comment-14625728 ]
Jeffrey Rodriguez commented on KNOX-566: ---------------------------------------- No nothing else to other than restarting Knox. > Knox Jetty server is vulnerable to Logjam vulnerability > ------------------------------------------------------- > > Key: KNOX-566 > URL: https://issues.apache.org/jira/browse/KNOX-566 > Project: Apache Knox > Issue Type: Bug > Affects Versions: 0.5.0 > Environment: Red Hat Enterprise Linux Server release 6.4 (Santiago) > Reporter: Jeffrey E Rodriguez > Fix For: 0.7.0 > > > See description of logjam > "The Logjam Attack" > https://weakdh.org/ > To test you should do: > [root@bdvs1392 logs]# openssl s_client -connect bdvs1392.svl.ibm.com:8443 > -cipher "EDH" | grep "Server Temp Key" > depth=0 C = US, ST = Test, L = Test, O = Hadoop, OU = Test, CN = > bdvs1392.svl.ibm.com > verify error:num=18:self signed certificate > verify return:1 > depth=0 C = US, ST = Test, L = Test, O = Hadoop, OU = Test, CN = > bdvs1392.svl.ibm.com > verify return:1 > Server Temp Key: DH, 768 bits > The key should >= 1024 -- This message was sent by Atlassian JIRA (v6.3.4#6332)