Service Bullettin 20150911 Weak DH HTTPS Server Keys
Jump to navigation
Jump to search
Contents
Service Bulletin - Chrome and Firefox drop support for servers using weak Diffie-Hellman public keys
New versions of some web borwsers have dropped support for web servers using Diffie-Hellman public keys shorter than 1024 bits.
Affected Platforms
- Any HSYCO Server using the Java 6 virtual machine, independently of the HSYCO software version
- Google Chrome version 45
- Mozilla Firefox 39.0
Description
HSYCO Server uses native Java libraries, embedded in the installed Oracle Java Virtual Machine, to implement its internal HTTPS server. Java 6's HTTPS libraries use Diffie-Hellman public keys that Google and Mozilla now consider weak, after the so-called Logjam vulnerability has been discovered.