Web browser security updates for Diffie-Hellman protocol

In July 2015 a vulnerability was found in the Diffie-Hellman key exchange protocol that was identified as the Logjam attack. In an ongoing effort to protect against this vulnerability many web browsers have begun blocking specific SSL ciphers that are known to be weak to this.

By default, Access Manager is designed to support as many user configurations as possible, this has caused these web browser updates to not allow the Access Manager interface to load in their appropriate browsers.

To resolve this Access Manager Update 1.2-RG9 has removed support for the affected ciphers allowing Access Manager to once again be accessed in the affected browsers.

In order to apply this update your Access Manager installation must be using a 1.2 release. After the update has been applied an additional service restart is required to ensure the cipher is properly removed.

Have more questions? Submit a request

Comments

Powered by Zendesk