https://portal-plumprod.cgc.enbridge.com uses a very weak (256-bit) Diffie-Hellman key for DHE_RSA SSL cipher suites.

RESOLVED FIXED

Status

Tech Evangelism Graveyard
English Other
RESOLVED FIXED
7 years ago
2 years ago

People

(Reporter: Wan-Teh Chang, Unassigned)

Tracking

Details

(URL)

(Reporter)

Description

7 years ago
https://portal-plumprod.cgc.enbridge.com is an English site
located in Ontario, Canada.

The server uses a very weak (256-bit) Diffie-Hellman key for
DHE_RSA SSL cipher suites.  See 583337 comment 6 for the
original report of this problem.

To fix this server configuration problem, either
- use a 1024-bit Diffie-Hellman key for the DHE_RSA SSL cipher
  suites, or
- disable all DHE SSL cipher suites.

The latter may be easier to do.
(Reporter)

Updated

7 years ago
OS: Mac OS X → All
Hardware: x86 → All
(Reporter)

Updated

7 years ago
Depends on: 583337
So... we seem to have no sane way to set blocking flags on TE bugs.  Mike, Christian, do we need to move this to Core or something?
Multi-state blocking flags require us to (ugh, christ) patch bugzilla to apply to other products. Easiest thing to do is: file a new bug in Firefox::General, set that to blocking, set it to depend on this one, grimace.
Blocks: 584138
(Reporter)

Updated

7 years ago
Blocks: 583337
No longer depends on: 583337
(Reporter)

Comment 3

7 years ago
https://portal-plumprod.cgc.enbridge.com has disabled all 
DHE SSL cipher suites.  Marked the bug fixed.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Product: Tech Evangelism → Tech Evangelism Graveyard
You need to log in before you can comment on or make changes to this bug.