ThousandEyes Documentation
Search…
ThousandEyes Documentation
What's New
Changelog
Product Documentation
Getting Started
Global Vantage Points
Internet and WAN Monitoring
Path Visualization
Tests
Data
Troubleshooting
Browsers Supported by the ThousandEyes Platform
CLI Network Troubleshooting Utilities
HTTP Server Test Fails with SSL Error
HTTP Server Test Fails with SSL Error: OpenSSL SSL_connect: SSL_ERROR_SYSCALL
HTTP Server Test Error "dh Key Too Small"
Browser Synthetics
End-User Monitoring
Internet Insights
Alerts
Dashboards
Device Layer
Account Management
Integration Guides
API
Privacy-Related
Archived Documentation
Archived Release Notes
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012
HTTP Server Test Error "dh Key Too Small"
If a ThousandEyes HTTP Server test (or the HTTP Server view of a Page Load test) fails with an SSL error and the message:
routines:ssl3_check_cert_and_algorithm:dh key too small
the web server that performed TLS negotiation with the ThousandEyes Agent was configured with a Diffie-Hellman group that is cryptographically weak. Because of the insecure nature of weak Diffie-Hellman groups, many HTTP clients (including ThousandEyes Agents) will refuse to communicate via HTTPS with such a server.
Web servers that have been in service for many years without recent updates, or that have compatibility requirements with very old clients that cannot support newer encryption are most likely to see this error.

Background

In 2015, a cryptographic attack called Logjam demonstrated the possibility of ​decrypting HTTPS-based communication if the attacker could capture the communications between client and server, such as capturing packets from an intermediate network device that handles the communications. Part of the attack targets encryption schemes based on the Ephemeral Diffie-Hellman (abbreviated as EDH or DHE) keying algorithm, which is designed to create session keys with forward secrecy.
Web servers that use Diffie-Hellman are configured with a precomputed set of prime numbers, called a Diffie-Hellman group. The number that is termed the "size" of the group (the modulus size, specifically) is proportional to the strength of the encryption key that will be created via the Diffie-Hellman calculations--the bigger the group size, the stronger the key. Common group sizes at the time of the attack announcement were 512 bits, 768 bits and 1024 bits.
Group sizes of 512 bits and 768 bits are now considered weak. Generally, 1024 bits is the minimum accepted size but not recommended, and 2048 bits is considered best practice. In particular OpenSSL, the library that provides HTTPS functionality for ThousandEyes and most other HTTP client software, has deprecated 512bit and 768-bit Diffie-Hellman groups. Web servers that attempt TLS negotiations using 512-bit and 768-bit Diffie-Hellman groups will cause OpenSSL-based clients to terminate the TLS negotiation. This includes the client that executes a ThousandEyes HTTP Server test.

Error Validation

To confirm that a test displaying the error message is the result of a server using a weak Diffie-Hellman group, run the openssl command from any system that can contact the server:
openssl s_client -connect www.example.com:443 -cipher "EDH" | grep "Server Temp Key"
and
openssl s_client -connect www.example.com:443 -cipher "DHE" | grep "Server Temp Key"
This output will provide the number of bits in the EDH or DHE cipher's key. The version of the openssl program must be at least 1.0.2b to produce the Server Temp Key output.
Alternatively, a packet capture of the TLS handshake between a client and the server can identify a Diffie-Hellman modulus with too few bits. For the Wireshark packet capture and display program, a display filter of:
ssl.handshake.p_len < 128
will show SSL/TLS handshakes with a modulus (mathematically denoted by the symbol "p") length of fewer than 1024 bits (128 bytes).

Server Remediation

Consult your web server documentation for instructions on upgrading the cryptographic libraries that perform TLS negotiation. Server software may or may not be upgradable to libraries that can be compatible with modern clients such as used by ThousandEyes tests while maintaining the weak ciphers needed for servicing old clients.

Additional Information

As a reference, below are links to announcements regarding weak Diffie-Hellman ciphers from the makers of common browsers.
Internet RFCs pertaining to commonly used Diffie-Hellman groups:
Previous
HTTP Server Test Fails with SSL Error: OpenSSL SSL_connect: SSL_ERROR_SYSCALL
Next - Product Documentation
Browser Synthetics
Last modified 8mo ago
Copy link
Outline
Background
Error Validation
Server Remediation
Additional Information