Closed
Bug 583914
Opened 14 years ago
Closed 14 years ago
https://portal-plumprod.cgc.enbridge.com uses a very weak (256-bit) Diffie-Hellman key for DHE_RSA SSL cipher suites.
Categories
(Tech Evangelism Graveyard :: English Other, defect)
Tech Evangelism Graveyard
English Other
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: wtc, Unassigned)
References
()
Details
https://portal-plumprod.cgc.enbridge.com is an English site located in Ontario, Canada. The server uses a very weak (256-bit) Diffie-Hellman key for DHE_RSA SSL cipher suites. See 583337 comment 6 for the original report of this problem. To fix this server configuration problem, either - use a 1024-bit Diffie-Hellman key for the DHE_RSA SSL cipher suites, or - disable all DHE SSL cipher suites. The latter may be easier to do.
|
Reporter | |
Updated•14 years ago
|
OS: Mac OS X → All
Hardware: x86 → All
|
||
Comment 1•14 years ago
|
||
So... we seem to have no sane way to set blocking flags on TE bugs. Mike, Christian, do we need to move this to Core or something?
|
||
Comment 2•14 years ago
|
||
Multi-state blocking flags require us to (ugh, christ) patch bugzilla to apply to other products. Easiest thing to do is: file a new bug in Firefox::General, set that to blocking, set it to depend on this one, grimace.
|
|
Reporter | |
Updated•14 years ago
|
|
|
Reporter | |
Comment 3•14 years ago
|
||
https://portal-plumprod.cgc.enbridge.com has disabled all DHE SSL cipher suites. Marked the bug fixed.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
|
||
Updated•9 years ago
|
Product: Tech Evangelism → Tech Evangelism Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•