To clarify, you're using the embedded Jetty-Winstone to run Jenkins (i.e. java -jar jenkins.war), including SSL/TLS?
On 28.10.2015, at 17:17, Roger Moore <[email protected]> wrote: > Thanks Brent. I had found similar discussions but not on that message list. > > After reading that though, and from the other things I’ve found, it seems the > correct fix is to change the setting on the Jenkins server because we already > are using 1024-bit certificates. > > I had found a page that discusses how to fix the issue on Jetty > implementations, but the specified file did not exist (or perhaps I couldn’t > find it) in Jenkins. > > My real question then is what do I modify in our Jenkins implementation to > get around this issue? Assuming that there is something to modify… > > From: [email protected] > [mailto:[email protected]] On Behalf Of Brent Atkinson > Sent: Tuesday, October 27, 2015 4:27 PM > To: [email protected] > Subject: Re: unable to access Jenkins in Firefox and Chrome after latest > browser updates because of "weak ephemeral Diffie-Hellman public key" > > https://productforums.google.com/forum/#!topic/chrome/o3vZD-Mg2Ic > > On Tue, Oct 27, 2015 at 1:31 PM, Roger Moore <[email protected]> wrote: > Has anyone else seen a problem accessing Jenkins after Chrome was updated to > v45? Chrome reports: > > "This error can occur when connecting to a secure (HTTPS) server. It means > that the server is trying to set up a secure connection but, due to a > disastrous misconfiguration, the connection wouldn't be secure at all! > > In this case the server needs to be fixed. Google Chrome won't use insecure > connections in order to protect your privacy." > > A similar error occurs in Firefox v39.0, which reports: > > "An error occurred during a connection to 'servername:portnumber'. SSL > received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake > message. (Error code: ssl_error_weak_server_ephemeral_dh_key)." > > I can connect using IE and Safari though. > > The Jenkins logs do not provide messages at the time when the attempt to > connect is made. > > I tried looking at the Jenkins configuration and using Google searches, but > could not find where to change the setting in Jenkins to force Jenkins to use > the stronger key. > > Any suggestions would be appreciated. > > > > Roger Moore > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-users/SN1PR08MB198183FA4F85C5148C4BEEEEB6220%40SN1PR08MB1981.namprd08.prod.outlook.com. > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-users/CALyHw0HLs%2BOi8_58-W6gAwfSK0k-%3DOgRi_M4bSngm4tOs319EA%40mail.gmail.com. > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-users/SN1PR08MB19819521575455091AD09AD5B6210%40SN1PR08MB1981.namprd08.prod.outlook.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/C5C8527B-0103-4D90-BD3A-5E60BC15235D%40beckweb.net. For more options, visit https://groups.google.com/d/optout.
