Hello, I used porticle and generated a keypair, imported our domain root cert and also submitted a cert request through our internal domain CA. I got the certificate back fine and it works great in Chrome / IE / Edge. Those browesers all show secured and nothing wrong with the cert. Its Sha256 and showing connection with the server at TLS 1.2.
However if I use Firefox ESR 38.2.1 I get this strange message:
error ssl_error_weak_server_ephemeral_dh_key
Found this:
https://support.mozilla.org/en-US/questions/1067995
The way around it was in firefox about:config
search for security.ssl3.dhe_rsa_aes and change both the 128 and 256 to false.
Now it works fine in Firefox.
However it sounds like this could be a legitimate vulnerability according to this site: https://weakdh.org/
Do you think there is an alternate way to perform the certificate update in Porticle to avoid this?