[cisco-voip] firefox upgrade causing issues with CUCM CCMadmin page
Ryan Huff
ryanhuff at outlook.com
Fri Jul 10 08:33:35 EDT 2015
Here is the Cisco security advisory for the OpenSSL flaw found in June/2015 .... Long, Long list of products affected:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl
-Thanks,
Ryan
From: ryanhuff at outlook.com
To: dennis.heim at wwt.com; wokka at justfamily.org; cisco-voip at puck.nether.net
Subject: RE: [cisco-voip] firefox upgrade causing issues with CUCM CCMadmin page
Date: Thu, 9 Jul 2015 15:55:04 -0400
Here is a good explanation of the issue and how to work around it:
http://eltonoverip.com/blog/2015/07/firefox-39-0-ssl-error-weak-ephemeral-diffie-hellman-key/
From: Dennis.Heim at wwt.com
To: wokka at justfamily.org; cisco-voip at puck.nether.net
Date: Thu, 9 Jul 2015 19:53:09 +0000
Subject: Re: [cisco-voip] firefox upgrade causing issues with CUCM CCMadmin page
There is a parameter for those the keys that you need to toggle to disable and then it will work. Not sure of the true impact of that, but that is what I changed.
Dennis Heim | Emerging Technology Architect (Collaboration)
World Wide Technology, Inc. | +1 314-212-1814
“There is a fine line between Wrong and Visionary. Unfortunately, you have to be a visionary to see it." – Sheldon Cooper
Click here to join me in my Collaboration Meeting Room
From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net]
On Behalf Of Charles Goldsmith
Sent: Thursday, July 09, 2015 3:50 PM
To: voip puck
Subject: [cisco-voip] firefox upgrade causing issues with CUCM CCMadmin page
Getting this error with Firefox 39
An error occurred during a connection to 10.52.122.26. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
I've seen this on 8.6.2 and 9.1.2, the two 10.5.x systems I have access to have 3rd party certs, and they both work fine. The 8.x and 9.x systems do not have 3rd party, just internally signed.
Anyone else seeing this and know a work around? I detest using IE or Safari for CUCM work.
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150710/670ef92d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3876 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150710/670ef92d/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 1389 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150710/670ef92d/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 1292 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150710/670ef92d/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 1391 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150710/670ef92d/attachment-0003.png>
More information about the cisco-voip
mailing list