Closed
Bug 583914
Opened 15 years ago
Closed 15 years ago
https://portal-plumprod.cgc.enbridge.com uses a very weak (256-bit) Diffie-Hellman key for DHE_RSA SSL cipher suites.
Categories
(Tech Evangelism Graveyard :: English Other, defect)
Tech Evangelism Graveyard
English Other
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: wtc, Unassigned)
References
()
Details
https://portal-plumprod.cgc.enbridge.com is an English site
located in Ontario, Canada.
The server uses a very weak (256-bit) Diffie-Hellman key for
DHE_RSA SSL cipher suites. See 583337 comment 6 for the
original report of this problem.
To fix this server configuration problem, either
- use a 1024-bit Diffie-Hellman key for the DHE_RSA SSL cipher
suites, or
- disable all DHE SSL cipher suites.
The latter may be easier to do.
|
Reporter | |
Updated•15 years ago
|
OS: Mac OS X → All
Hardware: x86 → All
|
||
Comment 1•15 years ago
|
||
So... we seem to have no sane way to set blocking flags on TE bugs. Mike, Christian, do we need to move this to Core or something?
|
||
Comment 2•15 years ago
|
||
Multi-state blocking flags require us to (ugh, christ) patch bugzilla to apply to other products. Easiest thing to do is: file a new bug in Firefox::General, set that to blocking, set it to depend on this one, grimace.
|
|
Reporter | |
Updated•15 years ago
|
|
|
Reporter | |
Comment 3•15 years ago
|
||
https://portal-plumprod.cgc.enbridge.com has disabled all
DHE SSL cipher suites. Marked the bug fixed.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
|
||
Updated•10 years ago
|
Product: Tech Evangelism → Tech Evangelism Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•