141A318A:SSL routines:tls_process_ske_dhe:dh key too small - who is to blame?

To: debian-user@lists.debian.org
Subject: 141A318A:SSL routines:tls_process_ske_dhe:dh key too small - who is to blame?
From: Hans <hans.ullrich@loop.de>
Date: Tue, 27 Nov 2018 10:15:35 +0100
Message-id: <[🔎] 6714983.acFXoTjTDP@protheus7>

Hi folks, 

since my last update I get this error message from kmail:

141A318A:SSL routines:tls_process_ske_dhe:dh key too small

I understand, that the key is to small since some changes in openssl and due 
to the manual I changed /etc/ssl/openssl.cnf.

This is not all the point,  as I can get it working.

The one thing, I did not understand: If this error appears, who is to blame? 
Is this a problem by the server or is this caused by the provider, who still 
uses too small keys?

Is there a way to avoid this problem, without editing the confoiguration? I am 
thinking of users, who are just using debian, do an update and suddenly get 
into this problem.

Thanks for any short answers.

Best

Hans

Reply to:

Prev by Date: Re: Looking for a "friendly" e-mail service
Next by Date: Fwd: openvpn over ipv6 /65
Previous by thread: (solved) Re: problem with alsa setting
Next by thread: issues with stretch, part 1 of many
Index(es):
- Date
- Thread