Fixing the SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY Connection Error

Level: intermediate | Category: SSL/TLS | Date: 2026-04-27 | Applies to: Linux (Ubuntu, CentOS, Debian), Nginx, Apache HTTPD, Tomcat, Firefox Browser

Error Message

SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY
Tags: #security #nginx #apache #ssl-tls #sysadmin

The Problem

Firefox users often run into a wall when a website uses outdated security settings. If you see the SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY message, your browser is blocking the connection to protect you. It has detected that the server is offering "export-grade" Diffie-Hellman (DH) parameters that are far too small, usually 512 or 768 bits.

Back in the 90s, these weak keys were a legal requirement for exported software. Today, they are a massive liability. Modern browsers require at least 1024-bit parameters, but the security community considers 2048-bit the absolute minimum to defend against the Logjam attack. Without this upgrade, an attacker could potentially crack your encryption in real-time.

Why browsers block these keys

The Diffie-Hellman exchange allows a server and a visitor to agree on a secret key without an eavesdropper learning it. However, if the prime used in this exchange is too small, an attacker who records the handshake can compute the discrete logarithm and recover the shared secret. Researchers have shown that 512-bit primes can be broken in less than 8 hours for just a few hundred dollars. By blocking these connections, Firefox ensures your private data doesn't travel over a fragile connection.

Step 1: Generate Stronger DH Parameters

Fixing this starts with creating a unique, high-strength DH group. We recommend 2048 bits; it provides excellent security without the heavy CPU hit of 4096-bit keys. Run this command in your terminal:

sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

Note: This process is CPU-intensive. It may take 1 to 5 minutes depending on your server's hardware. Let it finish completely before moving to the next step.

Step 2: Update Your Server Configuration

Now that you have your dhparam.pem file, you need to point your web server to it.

Fix for Nginx

Find your site's configuration file. It is usually located in /etc/nginx/sites-available/ or /etc/nginx/conf.d/.

Inside the server block for port 443, add the ssl_dhparam line shown below:

server {
    listen 443 ssl;
    server_name yourdomain.com;

    ssl_certificate /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;

    # Tell Nginx to use the new DH parameters
    ssl_dhparam /etc/ssl/certs/dhparam.pem;

    # Use modern protocols and ciphers
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
    ssl_prefer_server_ciphers on;
}

Verify your syntax and restart the service:

sudo nginx -t
sudo systemctl restart nginx

Fix for Apache

Apache's setup depends on your version. For Apache 2.4.8 or higher, the process is straightforward.

Option A: The Modern Way (Recommended)

Add this directive inside your <VirtualHost *:443> block:

<VirtualHost *:443>
    ServerName yourdomain.com
    SSLEngine on
    SSLCertificateFile /path/to/cert.crt
    SSLCertificateKeyFile /path/to/key.key

    # Point Apache to your new DH file
    SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/dhparam.pem"
</VirtualHost>

Option B: The Legacy Way

If you are on an older version of Apache, you can simply append the DH parameters to your certificate file:

cat /etc/ssl/certs/dhparam.pem | sudo tee -a /etc/ssl/certs/your_certificate.crt

Restart Apache to apply the changes:

sudo systemctl restart apache2

Fix for Java / Tomcat

Older Java versions (pre-Java 8u121) are hard-coded to 1024-bit DH limits. If you can't upgrade Java, you must disable DHE ciphers entirely. In your server.xml, find your Connector and edit the ciphers attribute to exclude anything starting with TLS_DHE_. Instead, prioritize TLS_ECDHE_ (Elliptic Curve), which is faster and avoids the DH parameter issue altogether.

Step 3: Confirm the Fix

Don't assume it's fixed just because the error page disappeared. Use these tools to be sure.

The Command Line Check

Run this OpenSSL command from your local machine to see what the server is offering. The -tls1_2 flag forces a TLS 1.2 handshake so that the -cipher DHE restriction actually applies (TLS 1.3 negotiates its own cipher list and ignores -cipher), and the redirect from /dev/null closes the session once the handshake is done instead of waiting for keyboard input:

openssl s_client -connect yourdomain.com:443 -tls1_2 -cipher "DHE" </dev/null 2>/dev/null | grep "Server Temp Key"

A successful fix will return: Server Temp Key: DH, 2048 bits.
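The two OpenSSL outputs this guide relies on (the "DH Parameters: (N bit)" line from openssl dhparam -text in Step 1, and the "Server Temp Key" line from openssl s_client here in Step 3) are easy to eyeball once but tedious to check across a fleet. The script below is an added example, not part of the original article or of OpenSSL: it parses both outputs with plain sed and classifies the result against a 2048-bit floor. The MIN_DH_BITS threshold, the function names and the sample output strings are all assumptions of this example; the samples are constructed, not captured from a real server.

```shell
#!/bin/sh
# Added example: classify DH strength from OpenSSL output.
# MIN_DH_BITS is an assumption matching the article's 2048-bit recommendation.
MIN_DH_BITS=2048

# dhparam_bits: pull the group size out of `openssl dhparam -in FILE -text -noout`
# output, which contains a line like "    DH Parameters: (2048 bit)".
# Prints the number, or nothing if no such line is present.
dhparam_bits() {
    printf '%s\n' "$1" | sed -n 's/.*DH Parameters: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1
}

# classify_temp_key: inspect `openssl s_client` output and print one of
#   ok:N     a finite-field DH group of N bits, N >= MIN_DH_BITS
#   weak:N   a finite-field DH group of N bits, N <  MIN_DH_BITS (Firefox will refuse it)
#   ecdhe    an elliptic-curve temp key (X25519, P-256, ...); no DH group is involved
#   none     no "Server Temp Key" line at all (handshake failed or a non-ephemeral suite)
classify_temp_key() {
    line=$(printf '%s\n' "$1" | grep 'Server Temp Key:' | head -n 1)
    case "$line" in
        *"Server Temp Key: DH,"*)
            bits=$(printf '%s\n' "$line" | sed -n 's/.*DH, \([0-9][0-9]*\) bits.*/\1/p')
            if [ "${bits:-0}" -ge "$MIN_DH_BITS" ]; then
                echo "ok:$bits"
            else
                echo "weak:$bits"
            fi ;;
        *"Server Temp Key:"*) echo "ecdhe" ;;
        *) echo "none" ;;
    esac
}

# Live wrappers (need openssl on PATH; not exercised by the samples below).
check_dhparam_file() {
    # $1: path to a dhparam.pem, e.g. /etc/ssl/certs/dhparam.pem
    dhparam_bits "$(openssl dhparam -in "$1" -text -noout 2>/dev/null)"
}
check_server() {
    # $1: host, $2: port. -tls1_2 forces TLS 1.2 so "-cipher DHE" is honoured;
    # </dev/null ends the session after the handshake.
    classify_temp_key "$(openssl s_client -connect "$1:$2" -tls1_2 -cipher DHE </dev/null 2>/dev/null)"
}

# Constructed sample outputs (assumed shapes of real OpenSSL output, not captured traffic).
SAMPLE_STRONG='CONNECTED(00000003)
---
Server Temp Key: DH, 2048 bits
---'
SAMPLE_WEAK='Server Temp Key: DH, 512 bits'
SAMPLE_CURVE='Server Temp Key: X25519, 253 bits'
SAMPLE_DHPARAM='    DH Parameters: (2048 bit)'

echo "strong server -> $(classify_temp_key "$SAMPLE_STRONG")"   # ok:2048
echo "weak server   -> $(classify_temp_key "$SAMPLE_WEAK")"     # weak:512
echo "curve server  -> $(classify_temp_key "$SAMPLE_CURVE")"    # ecdhe
echo "dhparam file  -> $(dhparam_bits "$SAMPLE_DHPARAM") bits"  # 2048 bits
```

To audit a real host, call check_server yourdomain.com 443; an "ecdhe" result means the server never offered a DHE suite even when asked for one, which is the outcome you get after the Tomcat workaround in Step 2 and is not an error.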

The Visual Check

Head over to Qualys SSL Labs. Run a scan on your domain and scroll down to the "Cipher Suites" section. You want to see "DH 2048 bits" and a green light for the Logjam test.

Common Pitfalls

  • Read Permissions: If Nginx or Apache fails to start, check if the service user (like www-data) has permission to read /etc/ssl/certs/dhparam.pem.
  • The 4096-bit Trap: While 4096-bit is more secure, it significantly slows down the initial handshake for every visitor. For 99% of websites, 2048-bit is the perfect balance of speed and security.
  • Old Devices: If you must support Windows XP or ancient Android 2.3 devices, 2048-bit DH might break their connection. In those rare cases, switching to ECDHE ciphers is a better workaround.
