Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Still getting Diffie-Hellman ephemeral key error after fixing server

  • 7 replies
  • 2 have this problem
  • 3 views
  • Last reply by guygreg

more options

I began getting the weak key (Logjam) error after an upgrade to Thunderbird 38.1.

The server has a 2,048 bit key and I have now restricted it to strong cipher suites (no export-grade ones) and it STILL reports the same error.

REPORTED ERROR: Timestamp: 7/23/2015 7:36:34 PM Error: An error occurred during a connection to mail.[snip]:993.

SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.

(Error code: ssl_error_weak_server_ephemeral_dh_key)

So, on the mail server, I have changed the cipher suite string to no longer use any export-grade, or Diffie-Hellman ephemeral ciphers. Or any ciphers with less than HIGH strength: ALL:!ADH:!kDHE:!DHE:!TLS_RSA_WITH_IDEA_CBC_SHA:RC4+RSA:+HIGH:-MEDIUM:-LOW:-SSLv2:-EXP

I have used a script with nmap to confirm that all ciphers are strong:

nmap --script ssl-enum-ciphers -p<MAIL PORT> <MAIL HOST>

script here: http://nmap.org/svn/scripts/ssl-enum-ciphers.nse info here: http://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html

I believe Thunderbird is reporting a weak cipher when none exists. Why doesn't the error console simply report what the weak cipher is so that it could be blocked in the cipher string of the mail server? As it is, I'm stuck: Thunderbird won't connect, but I believe the problem is fixed and without further info I have no way to fix it. Our company is stuck with T-bird 31 until I can understand why 38 complains.

Troubleshooting info:

Application Basics
   Name: Thunderbird
   Version: 38.1.0
   User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.1.0
   Profile Folder: Show Folder
             (Local drive)
   Application Build ID: 20150707103124
   Enabled Plugins: about:plugins
   Build Configuration: about:buildconfig
   Memory Use: about:memory
 Mail and News Accounts
   account1:
     INCOMING: account1, , (imap) mail.[snip]:993, SSL, passwordCleartext
     OUTGOING: mail.[snip]:465, SSL, passwordCleartext, true
   account2:
     INCOMING: account2, , (none) Local Folders, plain, passwordCleartext
 Crash Reports
 Extensions
   Lightning, 4.0.1, false, {e2fda1a4-762b-4020-b5ad-a41df1933103}
 Important Modified Preferences
   Name: Value
     browser.cache.disk.capacity: 358400
     browser.cache.disk.smart_size_cached_value: 358400
     browser.cache.disk.smart_size.first_run: false
     browser.cache.disk.smart_size.use_old_max: false
     extensions.lastAppVersion: 38.1.0
     font.name.monospace.el: Consolas
     font.name.monospace.x-cyrillic: Consolas
     font.name.monospace.x-unicode: Consolas
     font.name.monospace.x-western: Consolas
     font.name.sans-serif.el: Calibri
     font.name.sans-serif.x-cyrillic: Calibri
     font.name.sans-serif.x-unicode: Calibri
     font.name.sans-serif.x-western: Calibri
     font.name.serif.el: Cambria
     font.name.serif.x-cyrillic: Cambria
     font.name.serif.x-unicode: Cambria
     font.name.serif.x-western: Cambria
     font.size.fixed.el: 14
     font.size.fixed.x-cyrillic: 14
     font.size.fixed.x-unicode: 14
     font.size.fixed.x-western: 14
     font.size.variable.el: 17
     font.size.variable.x-cyrillic: 17
     font.size.variable.x-unicode: 17
     font.size.variable.x-western: 17
     gfx.direct3d.last_used_feature_level_idx: 0
     mail.openMessageBehavior.version: 1
     mail.winsearch.firstRunDone: true
     mailnews.database.global.datastore.id: 95a1e376-28a1-47bd-863f-44701b2f644
     network.cookie.prefsMigrated: true
     network.predictor.cleaned-up: true
     places.database.lastMaintenance: 1437407106
     places.history.expiration.transient_current_max_pages: 104858
     plugin.importedState: true
     security.disable_button.openCertManager: false
 Graphics
     Adapter Description: Intel(R) HD Graphics 3000
     Vendor ID: 0x8086
     Device ID: 0x0122
     Adapter RAM: Unknown
     Adapter Drivers: igdumd64 igd10umd64 igd10umd64 igdumd32 igd10umd32 igd10umd32
     Driver Version: 9.17.10.3347
     Driver Date: 1-29-2014
     Direct2D Enabled: true
     DirectWrite Enabled: true (6.2.9200.17292)
     ClearType Parameters: ClearType parameters not found
     WebGL Renderer: false
     GPU Accelerated Windows: 2/2 Direct3D 11
     AzureCanvasBackend: direct2d 1.1
     AzureSkiaAccelerated: 0
     AzureFallbackCanvasBackend: cairo
     AzureContentBackend: direct2d 1.1
 JavaScript
 Incremental GC: 1
 Accessibility
   Activated: 0
   Prevent Accessibility: 0
 Library Versions
     Expected minimum version
     Version in use
     NSPR
     4.10.8
     4.10.8
     NSS
     3.19.2 Basic ECC
     3.19.2 Basic ECC
     NSS Util
     3.19.2
     3.19.2
     NSS SSL
     3.19.2 Basic ECC
     3.19.2 Basic ECC
     NSS S/MIME
     3.19.2 Basic ECC
     3.19.2 Basic ECC
I began getting the weak key (Logjam) error after an upgrade to Thunderbird 38.1. The server has a 2,048 bit key and I have now restricted it to strong cipher suites (no export-grade ones) and it STILL reports the same error. REPORTED ERROR: Timestamp: 7/23/2015 7:36:34 PM Error: An error occurred during a connection to mail.[snip]:993. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) So, on the mail server, I have changed the cipher suite string to no longer use any export-grade, or Diffie-Hellman ephemeral ciphers. Or any ciphers with less than HIGH strength: ALL:!ADH:!kDHE:!DHE:!TLS_RSA_WITH_IDEA_CBC_SHA:RC4+RSA:+HIGH:-MEDIUM:-LOW:-SSLv2:-EXP I have used a script with nmap to confirm that all ciphers are strong: nmap --script ssl-enum-ciphers -p<MAIL PORT> <MAIL HOST> script here: http://nmap.org/svn/scripts/ssl-enum-ciphers.nse info here: http://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html I believe Thunderbird is reporting a weak cipher when none exists. Why doesn't the error console simply report what the weak cipher is so that it could be blocked in the cipher string of the mail server? As it is, I'm stuck: Thunderbird won't connect, but I believe the problem is fixed and without further info I have no way to fix it. Our company is stuck with T-bird 31 until I can understand why 38 complains. Troubleshooting info: Application Basics Name: Thunderbird Version: 38.1.0 User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.1.0 Profile Folder: Show Folder (Local drive) Application Build ID: 20150707103124 Enabled Plugins: about:plugins Build Configuration: about:buildconfig Memory Use: about:memory Mail and News Accounts account1: INCOMING: account1, , (imap) mail.[snip]:993, SSL, passwordCleartext OUTGOING: mail.[snip]:465, SSL, passwordCleartext, true account2: INCOMING: account2, , (none) Local Folders, plain, passwordCleartext Crash Reports Extensions Lightning, 4.0.1, false, {e2fda1a4-762b-4020-b5ad-a41df1933103} Important Modified Preferences Name: Value browser.cache.disk.capacity: 358400 browser.cache.disk.smart_size_cached_value: 358400 browser.cache.disk.smart_size.first_run: false browser.cache.disk.smart_size.use_old_max: false extensions.lastAppVersion: 38.1.0 font.name.monospace.el: Consolas font.name.monospace.x-cyrillic: Consolas font.name.monospace.x-unicode: Consolas font.name.monospace.x-western: Consolas font.name.sans-serif.el: Calibri font.name.sans-serif.x-cyrillic: Calibri font.name.sans-serif.x-unicode: Calibri font.name.sans-serif.x-western: Calibri font.name.serif.el: Cambria font.name.serif.x-cyrillic: Cambria font.name.serif.x-unicode: Cambria font.name.serif.x-western: Cambria font.size.fixed.el: 14 font.size.fixed.x-cyrillic: 14 font.size.fixed.x-unicode: 14 font.size.fixed.x-western: 14 font.size.variable.el: 17 font.size.variable.x-cyrillic: 17 font.size.variable.x-unicode: 17 font.size.variable.x-western: 17 gfx.direct3d.last_used_feature_level_idx: 0 mail.openMessageBehavior.version: 1 mail.winsearch.firstRunDone: true mailnews.database.global.datastore.id: 95a1e376-28a1-47bd-863f-44701b2f644 network.cookie.prefsMigrated: true network.predictor.cleaned-up: true places.database.lastMaintenance: 1437407106 places.history.expiration.transient_current_max_pages: 104858 plugin.importedState: true security.disable_button.openCertManager: false Graphics Adapter Description: Intel(R) HD Graphics 3000 Vendor ID: 0x8086 Device ID: 0x0122 Adapter RAM: Unknown Adapter Drivers: igdumd64 igd10umd64 igd10umd64 igdumd32 igd10umd32 igd10umd32 Driver Version: 9.17.10.3347 Driver Date: 1-29-2014 Direct2D Enabled: true DirectWrite Enabled: true (6.2.9200.17292) ClearType Parameters: ClearType parameters not found WebGL Renderer: false GPU Accelerated Windows: 2/2 Direct3D 11 AzureCanvasBackend: direct2d 1.1 AzureSkiaAccelerated: 0 AzureFallbackCanvasBackend: cairo AzureContentBackend: direct2d 1.1 JavaScript Incremental GC: 1 Accessibility Activated: 0 Prevent Accessibility: 0 Library Versions Expected minimum version Version in use NSPR 4.10.8 4.10.8 NSS 3.19.2 Basic ECC 3.19.2 Basic ECC NSS Util 3.19.2 3.19.2 NSS SSL 3.19.2 Basic ECC 3.19.2 Basic ECC NSS S/MIME 3.19.2 Basic ECC 3.19.2 Basic ECC

Modified by guygreg

All Replies (7)

more options

As a workaround you can install this add-on. https://addons.mozilla.org/en-US/firefox/addon/disable-dhe/

Check this article if you are having difficulties installing the add-on for Thunderbird. http://xenos-email-notes.simplesite.com/416814616

Wrt the server config you may ask in a forum for your server software.

more options

It's great that that addon is available. I'd rather not have to get in installed on the machines of all our users, some of which are at remote locations.

According to the server, and the third party nmap tool, the server software is correctly configured and secure. I believe that Thunderbird is reporting an error incorrectly. I don't understand key exchanges well enough to submit a bug report.

more options
According to the server, and the third party nmap tool, the server software is correctly configured and secure.

I doubt that, but this isn't the right forum to discuss this any further.

more options

Is it possible there is some caching-related reason for Thunderbird to give this error? Is there any filtering proxy between Thunderbird and the server such as antivirus/antispam?

more options

jscher2000 said

Is it possible there is some caching-related reason for Thunderbird to give this error? Is there any filtering proxy between Thunderbird and the server such as antivirus/antispam?

That seemed like a possibility, or more generically that somehow the changes I made to the server configuration were not being applied to the running software. To test that, I added ":-SSLv3" to the cipher list. That tells the server to refuse to use any SSL 3 ciphers. I restarted the server, fired up T-bird and clicked "Get Messages". It still didn't connect, but the message in the error console was now:


Timestamp: 7/28/2015 2:32:16 PM Error: An error occurred during a connection to mail.[snip]:993.

Cannot communicate securely with peer: no common encryption algorithm(s).

(Error code: ssl_error_no_cypher_overlap)


I then removed ":-SSLv3" from the server's cipher list, restarted the server, and connected to it with T-bird again. The error in the console went back to the Diffie-Hellman one.

This means that changes to the server's configuration are taking effect and T-bird is able to properly communicate with the server and attempt a key exchange each time, and there is no caching of credentials going on.

The only two possibilities I can see are: 1. The open-source Courier mail server software offers weak (export-grade) ephemeral Diffie-Hellman ciphers even when configured not to offer export grade ciphers or ephemeral Diffie-Hellman ciphers, or 2. Version 38 of Thunderbird reports a mail server as offering weak ephemeral Diffie-Hellman ciphers even when it does not, at least under some circumstances.

more options

This is definitely getting over my head...

Could you check this comment in the bug tracking system about a possible workaround for Courier: https://bugzilla.mozilla.org/show_bug.cgi?id=1184488#c13

more options

Thank you, that's very helpful!

I followed the cues given in Comment 45. https://bugzilla.mozilla.org/show_bug.cgi?id=1184488#c45

As root, do:

DH_BITS=1024

Then execute the script mkdhparams, which on my CentOS install is found in /usr/lib/courier-imap/share

The script runs for a while "generating DH parameters".

When it's done, restart Courier.

Thunderbird 38.1 now works as expected.

I agree with Comment 47, in that what's going on here is not actually the Logjam vulnerability, and the error message provided by Thunderbird is not helpful in discovering the issue it's complaining about.

I'm going to quote Comment 12 because it expresses my feelings on this:

"Personally, I wish the mozilla team would quit breaking client-side SSL support in the name of 'security' - it's been a real problem with older (and by 'older', I mean like 2-3 years old, not ancient) appliance-based systems (SOHO firewalls, VoIP ATAs, Storage systems and network equipment that have HTTPS based management interfaces), out-of-band server cards, etc. on the Firefox side. Really need to provide dialogs and options to continue after appropriate warnings, not just break stuff silently."

Modified by guygreg