Subsonic Forum

[envoy510]

I have to use Chrome to browse to my local Subsonic 5.2.1 install (running on CentOS 6.6). I get this error message from Firefox:

Code: Select all

An error occurred during a connection to ...
SSL received a weak ephemeral Diffie-Hellman key in Server Key
Exchange handshake message. (Error code:
ssl_error_weak_server_ephemeral_dh_key)

I searched the forum and I don't see anyone else reporting this. I have trouble believing I'm the only one, since I'm running the latest Firefox 39.0.

[manwithaplan]

Well, let's start with the basics - do you have just a self-signed cert on your https instance of Subsonic? Or are you using a proper, real, root-signed cert as purchased from a proper CA like GoDaddy, GeoTrust, Verisign, Thawte, RapidSSL, etc etc? Let's start there...for reference, I and I suspect many others are using Firefox 39.0 just fine with our properly configured SSL instance of Subsonic today. So it is possible!

[baaldemon]

Alright so this has nothing to do with the certificate that you are using. The error message relates to the key exchange algorithm that is in place for the cipher that is being use, in this case ephemeral diffie-hellman. EDH/DHE is a perfect forward secrecy (PFS) key exchange which essentially allows for your communications to stay secure even if somone was able to crack the private key of your cert. The error you are getting started happening as Firefox, and maybe chrome as well, put into place a block that would not allow them to negotiate using a weak key exchange. I forget what name they gave to this attack maybe logjam, there have been so many over the past year, but essentially some researchers found that if you could force SSL/TLS to negotiate DHE using key material of 512bit, that anyone could essentially crack that using an AWS instance in around 24hours.

Since I am not sure how you are running your server whether its standalone, war deployment, behind a reverse proxy, or what version of java you are using I cant really say exactly how to resolve your issue. Ideally your webserver should noegiate EDH at the same strength as the key of your cert, but various implementations dont do this and are kind of in a scramble since this flaw to get things fixed. Quick and shitty answer is to DISABLE DHE ciphers, meaning you may lose PFS but the browser wont try to negotiate using a weak DHE key.

There are a bunch of other options, but that is essentially why you started to see that issue. Try upgrading and running on Java8 if you are not doing so already, JCE/JSSE have been updated to include modern ciphers and the more modern TLS1.2 protocol, this should allow for a fix. If you arent running behind a reverse proxy do so. Stand up Apache 2.4 and have it be the SSL endpoint that your browser talks to or use nginx or something similar for the same purpose. Use an online tool like https://www.ssllabs.com/ssltest/index.html or a local tool https://github.com/rbsec/sslscan to scan and give you the information about the ciphers and key exchanges that you are supporting.

[envoy510]

I didn't do anything to the installation of Subsonic. I didn't install any certificates. I just installed it and am using it from my LAN. Period.

So, I assume the certificate in there is the one that the Subsonic developer made, and it's not strong enough for Firefox.

[envoy510]

And for reasons that I don't understand, when I go to the HTTP 4040 port it redirects to HTTPS 7777 (the port I defined).

Here's my /etc/sysconfig/subsonic:

Code: Select all

SUBSONIC_ARGS="--https-port=7777 --max-memory=200 --default-music-folder=/me/mirror/mp3/ --default-podcast-folder=/me/mirror/mp3/Podcasts/ --default-playlist-folder=/me/mirror/mp3/playlists/"


[envoy510]

If I remove --https-port=7777 then going to port 4040 doesn't redirect.

That's no good when accessing offsite, though, which I do with DSub. I need HTTPS for that.

So, I see two bugs here: the 5.2.1 installer package has too weak of a certificate and merely defining an HTTPS port causes the HTTP port to redirect.

[baaldemon]

Its not complaining about a weak certificate. Its complaining about weak ephemeral diffie-hellman key exchange. Your browser is trying to negotiate using most likely DHE-AES128-CBC-SHA. The certificate is fine, its failing on DHE which java is trying to negotiate at 768, it is a java issue. Logjam, an SSL/TLS vulnerability that came out recently showed new attacks against systems using weak key exchanges. While it specifically targetted a downgrade export ciphers the attacks against key lengths are universal. The attack made 512bits very feasible in a day or two and makes 768 and 1024bits. Currently Firefox and Chrome have added a check and will block any requests that negotiate this below 1024bits. The issue is truly with java and not necessarily with subsonic. Though one of the changes that could be made would be to specifically change the ciphers and keyexchanges that are supported by JSSE in the jetty server.

While I do not run my subsonic instance this way, I may have some time in the next few days to review this and come up with some options for you.

[envoy510]

Its not complaining about a weak certificate. Its complaining about weak ephemeral diffie-hellman key exchange. Your browser is trying to negotiate using most likely DHE-AES128-CBC-SHA. The certificate is fine, its failing on DHE which java is trying to negotiate at 768, it is a java issue. Logjam, an SSL/TLS vulnerability that came out recently showed new attacks against systems using weak key exchanges. While it specifically targetted a downgrade export ciphers the attacks against key lengths are universal. The attack made 512bits very feasible in a day or two and makes 768 and 1024bits. Currently Firefox and Chrome have added a check and will block any requests that negotiate this below 1024bits. The issue is truly with java and not necessarily with subsonic. Though one of the changes that could be made would be to specifically change the ciphers and keyexchanges that are supported by JSSE in the jetty server.

While I do not run my subsonic instance this way, I may have some time in the next few days to review this and come up with some options for you.

That would be appreciated. Btw, I'm running CentOS 6.6 and I saw a Java update the other day. These were installed

Code: Select all

java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.x86_64
java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.x86_64


[killercow]

I had this issue too.

To solve it I had to upgrade Java to latest version 8 (build 51, at time of writing).

As I'm running CentOS I followed these instructions: http://tecadmin.net/install-java-8-on-centos-rhel-and-fedora/

Note: I replaced all instances of "45" in those instructions with 51, for the version I downloaded.

Hope this helps.

[envoy510]

I had this issue too.

To solve it I had to upgrade Java to latest version 8 (build 51, at time of writing).

As I'm running CentOS I followed these instructions: http://tecadmin.net/install-java-8-on-centos-rhel-and-fedora/

Note: I replaced all instances of "45" in those instructions with 51, for the version I downloaded.

Hope this helps.

Fantastic. I will try is ASAP. THANKS!

The only downside to this is that using these instructions means updating Java manually. Small price to pay, though.

[envoy510]

I had this issue too.

To solve it I had to upgrade Java to latest version 8 (build 51, at time of writing).

As I'm running CentOS I followed these instructions: http://tecadmin.net/install-java-8-on-centos-rhel-and-fedora/

Note: I replaced all instances of "45" in those instructions with 51, for the version I downloaded.

Hope this helps.

Yep, all better. Thanks.

[killercow]

Fantastic. I will try is ASAP. THANKS!

The only downside to this is that using these instructions means updating Java manually. Small price to pay, though.

Yup worth it and as a double bonus since I was still running Java v7 it improved page load times for me quite significantly too!

Yep, all better. Thanks.

Very welcome

[Globe199]

Bumping this thread. Will updating Java on Windows solve the issue? If so, what version / implementation is recommended?