Best Fix: ssl_error_weak_server_ephemeral_dh_key Error

This ssl_error_weak_server_ephemeral_dh_key error is a simple Mozilla Firefox error. This secure connection failed error occurs recently and it is very irritating. There has no specific solution in the internet to fix this unknown error. Some forum especially Firefox forum discusses about this error but that is not worked well. This error occurs for some several reasons that are given bellow.

Fix the ssl_error_weak_server_ephemeral_dh_key error

  • Some specific website technically secures their server and if you want to access their website then you need have secured server certificate.
  • Some time your Mozilla Firefox browser server ssl code may be true that’s why you face this error.
  • This website also vulnerable to the “Logjam” attack by hackers.
  • Other side if you use other server like tomcat server then they may have no secure server certificate that’s you face the ssl_error_weak_server_ephemeral_dh_key error.

But don’t worry, you are the right place and here you get all the solution step by step of this secure connection failed problem that collected from Mozilla Firefox forum, Microsoft forum and some expert in this field. So let’s follow the solution and implement carefully to get rid of the error forever.

Fixing SSL_Error_Weak_Server_Ephemeral_DH_Key Error

=>> Fix 1: Ignoring SSL Error Weak Server Ephemeral DH Key Error from Firefox-

This method worked well for Firefox forum members. So at first you should apply this solution. There are two security codes in the Mozilla Firefox browser that may be set true and you should check the code and reset false. You can easily change the code by following the steps bellow.

  • At first open your Mozilla Firefox browser just double clicks on the Firefox icon.
  • Then type the bellow code in the search bar and hit Enter button.

           about:config

  • Now a new page open that says in the top “This might void your warranty” and you click on the “I’ll be careful, I promise!” button from bellow in the page.
  • Then you get a new page that have a search box bar in the top. And you type the below code or copy the code from bellow and paste in the search box.

           security.ssl3.dhe_rsa_aes_128_sha

  • Now you will see the code that value may be “true” and you double click on the “true” then that will change to “false”. It default looks like bellow photo.

security.ssl3.dhe_rsa_aes_128_sha

  • You again type the bellow code and double click on the “true” and change it value to “false”. It changes like bellow image.

            security.ssl3.dhe_rsa_aes_256_sha

security.ssl3.dhe_rsa_aes_256_sha

I hope this method help you to fix this error. If it is not worked then you move to the next solution.

=>> Fix 2: Disable SSL 2.0 in Tomcat Server-

If you use Tomcat server (version 4.1.32 or later) then its SSL 2.0 may be enabled by default and you face this ssl error code -1/1/336032856 massage. Just simply disable the SSL 2.0 and also disable the weak ciphers. And go to your “server.xml” file then add the bellow code to the ssl connector.

<connector port=”443” maxhttpheadersize=”8192” address=”127.0.0.1

           enablelookups=”false” disableuploadtimeout=”true” acceptCount=”100

           scheme=”https” secure=”true” clientAuth=”false” SSLEnabled=”true

           sslEnabledProtocols=”TLSv1,TLSv1.1,TLSv1.2

           ciphers=”TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,

           TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,

           TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,

           TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,

           TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA

           keystoreFile=”mydomain.key” keystorePass=”changeit

           truststoreFile=”mytruststore.truststore” truststorePass=”changeit” />

=>> Fix 3: Other Solution-

Update Your Browser Drivers: Sometime this secure connection failed error occurs for the old drivers in your browser because old driver weak ssl server. So update your driver following the bellow steps.

  • Go to “Open menu” that right top corner in the Mozilla Firebox browser.
  • Then click on the “Add-ons” button.
  • Now update the driver if have any old version.

Refresh Your Firefox Browser: Some stack exchange forum member says, they get rid of the error just refresh their Firefox browser. You can refresh your browser by following the bellow method.

  • At first go to the “Open menu” in your Mozilla Firefox browser and click on the Help menu icon from bellow right corner.
  • Then click on the Troubleshooting Information from the menu.
  • Now click on the Refresh Firefox button in the right top corner.
  • Finally get on Refresh Firefox.

Refresh Your Firefox Browser

The Final Words (Conclusion)-

I hope all the upper solution help you to fix the ssl error weak server ephemeral dh key error forever. Now this is your time to write the method worked well for you in the comment section.

If you like the article please consider rating it-