SSL Issues in Chrome Version 45.0.2454.85
Dear Customer,
We are getting ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY error in Chrome version 45. its because of the weak cipher (lesser than 1024-bit).
We need to replace the cipher to make it work (as shown below).
Edit the Server.xml file from the "<Installation directory>\ManageEngine\ADSelfService Plus\conf\" ( replace the given chipers)
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"
E.g as below,
<Connector SSLEnabled="true" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"allowUnsafeLegacyRenegotiation="false" server="ExchangeReporter Plus" sslProtocols="TLSv1,TLSv1.1,TLSv1.2"server=" ExchangeReporter Plus" acceptCount="100" clientAuth="false" connectionTimeout="20000" debug="0" disableUploadTimeout="true" enableLookups="false" keystoreFile="./conf/selfservice.keystore" keystorePass="Your_Keystore_Password" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" name="SSL" port="9251" scheme="https" secure="true" sslProtocol="TLS"/>
We are working on a permanent fix for the aforementioned issue, this fix will be enrolled in the upcoming releases of ExchangeReporter Plus.
Please contact support@exchangereporterplus.com if you face any challenges in making the above changes.
Assuring you of our best service at all times,