Disabling the use of weak DH keys in Zimbra Collaboration mailboxd

Disabling the use of ephemeral DH keys in mailboxd

   KB 22117        Last updated on 07/23/2015  




0.00
(0 votes)

Background

Mozilla Firefox 39.0 was released on June 30, 2015. With this release, connections to servers using weak ephemeral Diffie-Hellman (DH) keys are blocked by default. See the Mozilla Release Notes and detailed accompanying change list for details. Here are some specific related bugs/enhancements/changes for those interested:

  • FF Bug 1138554 (CVE-2015-4000) NSS accepts export-length DHE keys with regular DHE cipher suites
  • FF Bug 1106470 Drop SSLv3 support entirely
  • FF Bug 1153964 allow unrestricted RC4 fallback in beta and release
    • NOTE: a future release is expected to disallow RC4 ciphers, or possibly enable RC4 for a temporarily set of whitelisted hosts.

Chrome 45 (in the "dev channel" since early June 2015) is slated to present users with a ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY error:

Mozilla Thunderbird 38.1.0 and above also blocks the connections to servers using weak ephemeral Diffie-Hellman (DH) keys are blocked by default. So if you are using Zimbra Collaboration 7.x and Thunderbird like Mail Client, in the 38.1.0 or above release you can't sync your email anymore using POP3 or IMAP over SSL. The Mozilla Thunderbird error is not so helpful.

  • FF Bug 1184488 Thunderbird 38.1.0+38.0.1: SMTP+IMAP with STARTTLS: no remaining auth method

Example Error

Firefox 39.0 and above

In Firefox 39.0+, you may see the following error message when trying to connect a Zimbra Collaboration 7.x or previous versions:


Secure Connection Failed

An error occurred during a connection to YOUR IP. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

  • The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
  • Please contact the website owners to inform them of this problem.

Mozilla-error-oldzcs-001.png

Thunderbird 38.1.0 and above

In Thunderbird 38.1.0 and above you will not see any significant or helpful error, just that you can't connect to the server and a no remaining auth method. If you see into the Zimbra Collaboration mailbox.log, you will see the next, depends of POP3 or IMAP:

POP3 SSL error

2015-07-21 09:45:32,158 ERROR [Pop3SSLServer-1] [ip=151.237.238.126;] ProtocolHandler - Exception occurred while handling connection javax.net.ssl.SSLException: Received fatal alert: illegal_parameter

       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
       at com.zimbra.cs.tcpserver.ProtocolHandler.startHandshake(ProtocolHandler.java:187)
       at com.zimbra.cs.tcpserver.ProtocolHandler.run(ProtocolHandler.java:135)
       at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
       at java.lang.Thread.run(Thread.java:662)</pre>

IMAP SSL error

2015-07-21 09:44:04,317 ERROR [ImapSSLServer-1] [ip=151.237.238.126;] ProtocolHandler - Exception occurred while handling connection
javax.net.ssl.SSLException: Received fatal alert: illegal_parameter
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
        at com.zimbra.cs.tcpserver.ProtocolHandler.startHandshake(ProtocolHandler.java:187)
        at com.zimbra.cs.tcpserver.ProtocolHandler.run(ProtocolHandler.java:135)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
        at java.lang.Thread.run(Thread.java:662)

Resolution

You have different steps to resolve the issue:

Workaround for Firefox and Thunderbird: Disable DHE ciphers in the Zimbra Collaboration Server

Disabling the insecure ciphers, will make Firefox happy again:

zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_CBC_SHA
zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_256_CBC_SHA
zmprov mcf +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
zmmailboxdctl restart

You will see the Web Client again:

Mozilla-error-oldzcs-004.png

Recommendeded Workaround: Upgrade ZCS

The recommended step is upgrade to the latest supported Zimbra Collaboration version, as Zimbra Collaboration 7.x was EOL'd in March 2015.

Mozilla-error-oldzcs-002.png

If you want to upgrade, we had an special Webinar that will help you with the process:

Not Recommended: Mozilla Firefox fix per each client

Not recommended: To disable the new introduced option in Mozilla Firefox, you need to do it in each Web Browser that uses your Zimbra Collaboration Server:

Type about:config in your Firefox web browser, in the address bar. Be careful as you can break your Firefox Configuration easier. Change the next settings with the next values:

security.ssl3.dhe_rsa_aes_128_sha=false
security.ssl3.dhe_rsa_aes_256_sha=false

Not Recommended: Mozilla Thunderbird fix per each client

Not recommended: To disable the new introduced option in Mozilla Thunderbird, you need to do it in each Client that uses your Zimbra Collaboration Server:

Not recommended: enable HTTP & HTTPS

Not recommended: You can set the zmtlsctl to both, to enable HTTP traffic to your server, users will be able to connect using Firefox 39, previous or above versions using HTTP. Like zimbra user:

zmtlsctl both
zmcontrol restart

The use of HTTPS only is recommended.

Additional Content

Verified Against: Zimbra Collaboration 7.x and previous Date Created: 07/06/2015
Article ID: https://wiki.zimbra.com/index.php?title=Disabling_the_use_of_weak_DH_keys_in_Zimbra_Collaboration_mailboxd Date Modified: 07/23/2015



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Wiki/KB reviewed by Jorge Phil Phil Last edit by Jorge de la Cruz
Jump to: navigation, search