On 09/23/2016 09:50 PM, Stefan Günther wrote: > Hi, > > today we were contacted by a company, that is running an old djigzo > installation from 2011 on a SuSE 11.1 > > The browsers do not accept the weak encryption, that this > installation offers: > > An error occurred during a connection to 212.184.xxx.xxx:8443. SSL > received a weak ephemeral Diffie-Hellman key in Server Key Exchange > handshake message. Error code: > SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY > > How can be change the configuration from port 8443 to 80? Just > changing "scheme" to "http" and "SSLEnabled" to "false" in > server.xml doesn't seem to be enough - now we only get a blank page. > > Right now we have to add some new accounts, before we can offer the > company a migration to a current version of Ciphermail. > > Thanks for any suggestions & hints,
You should tell the Web GUI not to require HTTPS. You can do this by setting the following system property: djigzo.https.all=false I think (not tested) that it should work when you add this to the file djigzo-web.properties (restart Tomcat after changing). Alternatively you can set this property in the Tomcat default file (/etc/default/tomcat) as a java system property with JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false" (don't forget to restart Tomcat) Kind regards. Martijn Brinkers -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail _______________________________________________ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users