SAP Knowledge Base Article - Preview

2190943 - How to address the Weak Diffie-Hellman and Logjam attack against the TLS protocol

Symptom

  • After upgrading Firefox to 39.0+ or Google Chrome 45 getting below error in browsers when tomcat ssl is configured with SAP BusinessObjects BI 4.0/4.1 applications.

An error occurred during a connection to websitename. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.Please contact the website owners to inform them of this problem.

The error may be observed while performing any activities in BI webapplications lile CMC/BILaunchpad/AdminTools when webapplication server is configured for SSL.

deff.jpg

  • The Diffie-Hellman protocol is a method for two computer users to generate a shared private key with which they can then exchange information across an insecure channel. Let the users be named Alice and Bob.


Read more...

Environment

  • SAP BusinessObjects Business Intelligence Platform(BI) 4.0/4.1.
  • Tomcat / Bundled Tomcat.
  • Chrome/Firefox/IE/Safari

Product

SAP BusinessObjects Business Intelligence platform 4.0 ; SAP BusinessObjects Business Intelligence platform 4.1

Keywords

Firefox, 39, upgrade, Diffe-Hellman, Error, auto, tomcat, ssl, error, key, unable, security, java, cipher,ssl_error_weak_server_ephemeral_dh_key, Weak Diffie-Hellman , KBA , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , BI-BIP-INS , Installation, Updates, Upgrade, Patching , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.