We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Barracuda SSL VPN

How to resolve Chrome/Firefox complaining about weak Diffie-Hellman key?

  • Type: Knowledgebase
  • Date changed: 2 years ago
Solution #00007443

Scope:

Firmware version: 2.6.1.9 and lower

 

Answer: 

 Upgrade to firmware 2.6.2.0 which contains support for Elliptic Curve Ciphers and also has a stronger Diffie-Hellman parameters generated on first use.


Current versions of Chrome (v45+) and Firefox (v39+) will refuse to connect via HTTPS to an SSL-VPN appliance with outdated Diffie-Hellman ciphers.  If your SSL-VPN appliance's firmware version is less than 2.2.2.203, you will first have to update your firmware.  If the firmware is 2.2.2.203 or newer and Chrome and/or Firefox is complaining about a weak Diffie-Hellman key, open a support tunnel and then contact Barracuda Support to have a Barracuda technician update the Diffie-Hellman ciphers on your SSL-VPN appliance.