Server has a weak ephemeral Diffie-Hellman public key. How to by-pass it?

koras picture koras · Jun 19, 2015 · Viewed 85.2k times · Source

While I'm trying to visit a specific website (that one: https://login.uj.edu.pl) I'm getting ERR_INVALID_ARGUMENT error. Here is the problem: "Server has a weak ephemeral Diffie-Hellman public key". More about the issue there: https://productforums.google.com/forum/#!topic/chrome/o3vZD-Mg2Ic

I know that it should be fixed by a webmaster but until it happens I have to access the page every day anyway. I found an extension to Firefox to avoid this error: https://addons.mozilla.org/en-us/firefox/addon/disable-dhe/

Now i want to get rid of the error in Google Chrome (well, Chromium actually). Is there any possibility to make it work? It's my university's page and it can take years for the site administrator to fix that secure connection issue.

What's strange the problem occurs in Linux only, in all the browsers. In Windows, Chrome-OS or Android there is nothing wrong. I know that using insecure connection is wrong but in that case I have no choice.

EDIT: I cannot accept any solution because the site I was trying to access changed its encryption to the right one. Now I can't test your solutions because the problem is already solved by site admins.

Answer

S4nD3r picture S4nD3r · Jul 20, 2015

The solution is:

Type in your browser (I tried in Iceweasel)

    about:config 

Search for

    security.ssl3.dhe_rsa_aes_128_sha 

    security.ssl3.dhe_rsa_aes_256_sha 

Set them both to false (just double click to set them to false or true).

That's it!