• Login
    • Search
    • Categories
    • Recent
    • Tags
    • Users
    • Groups
    • Rules
    • Help

    Do more on the web, with a fast and secure browser!

    Download Opera browser with:

    • built-in ad blocker
    • battery saver
    • free VPN
    Download Opera

    How to disable weak ephemeral Diffie-Hellman public key error

    Opera for Windows
    15
    19
    7808
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • markrcarterjdphd
      markrcarterjdphd last edited by

      Last week, I started getting the Diffie-Hellman error when logging into my online softphone. Opera was the only browser that correctly enabled the phone. I worked-around the problem by deleting browsing data. At first a day would work. Then, I had to delete a week, then a month. Now even a month won't work. I managed to login by opening a private window. That stopped working today.

      Reply Quote 0
        1 Reply Last reply
      • blackbird71
        blackbird71 last edited by

        At root, this breaks down to a question of convenience versus security, which is an age old conflict. Ultimately, employing any degree of security protection inherently implies a corresponding degree of inconvenience. Some of those software makers who supply a communications portal for users believe they have an obligation to protect user security to the best degree possible, even if that means breaking communications paths for those link partners not employing up-to-date security protocols (and hence certificates). Because any user setting that allows the user to bypass a portal security protection opens up the possibility of exploitation, either directly or inadvertantly and either immediately or later on, some security-conscious software makers elect not to provide user bypass options for their built-in security protection elements. Opera is such a maker. Possibly Mozilla will be as well, depending on how they implement their DH fix.

        One can argue endlessly about whether a software maker should protect a user from himself, or to what degree. Experienced users may indeed be wise enough to intelligently and carefully relax certain security settings for certain situations; but all too often, either those settings are neglected to be reversed thereafter or inexperienced users relax the settings just to make some favorite 'trivial' site work properly and never think to reverse them for sites where true security/privacy really matter.

        In any case, the ultimate industry goal is that all websites and all browsers be upgraded to omit such evident https encryption and secure protocol weaknesses. One of the few practical ways to push that to happen is to migrate browser designs to become incompatible with weak encryption techniques, which in turn will deprive offending sites of visitors and deluge them with user complaints. Ultimately, those sites will have to update their servers and certs if they want to continue supplying https connections; otherwise, they will either drop back to the http level of protection they are in reality offering by weak encryption/protocols or go extinct.

        One can elect to use a browser that still allows weak DH encryption for https connections, of course, and run the various risks entailed in keeping the connection private or exploit-free. But it's my belief that fewer such browsers will remain available for much longer.

        Reply Quote 0
          1 Reply Last reply
        • Deleted User
          Deleted User last edited by

          This is utter horseshit. This error should absolutely appear by default to protect the average user, but to not even provide a means by which to bypass it is absurd. I am a network/systems administrator - I know exactly what the hell I'm doing, and if I want to run the risks associated with a weak security key when using my own computer, the browser had better get the fuck out of my way.

          I have been recommending Opera to my end users for quite some time, and I had intended to make the switch from Chrome to Opera for all of my browsing and resource management needs, but at this point I refuse to support Opera in any way, if only out of principal. Back to Google's memory hogging BS, I guess. Opera is officially uninstalled from my machine, and I will start vehemently discouraging my end users from using it.

          Bye, Felicia.

          Reply Quote 0
            1 Reply Last reply
          • vikont
            vikont last edited by

            Oops! Looks like Firefox will be going this way at the end of June. See:
            https://addons.mozilla.org/en-us/firefox/addon/disable-dhe/

            My Firefox is at version 38.0.5, and I can still connect to Freephoneline.ca site normally. But I still cannot connect with Opera.

            Opera is trying to be a nanny-browser when no one asks it to. Logjam is not an easy exploit to, well, exploit, and it's not like I'm trying to connect to a compromised banking site. With this enforcement policy, Opera found a way to drive its single-digit market share even lower.

            Every good security policy states that at the end of the day security should be in the hands of customers. The product must provide all the tools to enable "perfect" security and flag all known issues, but it must be up to the end user to make the ultimate decision whether to take a perceived risk.

            Reply Quote 0
              1 Reply Last reply
            • zrqmlao
              zrqmlao last edited by

              Totally unacceptable! I need to access a school site to take a quiz and opera is blocking my login. Warning is acceptable but not allowing me to connect to a known site is an unwarranted intrusion.

              Reply Quote 0
                1 Reply Last reply
              • byakuichi
                byakuichi last edited by

                Firefox 39 do the same now.

                Reply Quote 0
                  1 Reply Last reply
                • cibron
                  cibron last edited by

                  It's ridiculous. To implement the things people don't ask, as ignore real necessary requests (or even omit them).
                  I can't access https websites even in local network.
                  There always must be a choice for every security issues, e.g. for developers.

                  I was using and recommending Opera since 2003, once was Opera Campus Crew evangelist, but sorry, can't go anymore with browser stubborn on dumb inflexibility.

                  Reply Quote 0
                    1 Reply Last reply
                  • lando242
                    lando242 last edited by

                    I can't access https websites even in local network.

                    Sounds to me like you have Turbo enabled.

                    Reply Quote 0
                      1 Reply Last reply
                    • msubulldog
                      msubulldog last edited by

                      Whenever I try contacting support for www.tutor.com, I get that message. But when I use another browser like Google Chrome for the same site, everything is OK.

                      Reply Quote 0
                        1 Reply Last reply
                      • iwashereonce
                        iwashereonce last edited by

                        I have also had this issue on my Galaxy S5. My Galaxy S4 gave me the option to continue and the 5 won't. I also was a network administer so it's really frustrating. I had to sites that I needed to get access to and I found an internet that allows you to. I hope this helps you all out. Download the Dolphin browser and no more headaches.

                        Reply Quote 0
                          1 Reply Last reply
                        • A Former User
                          A Former User last edited by

                          Oops! Looks like Firefox will be going this way at the end of June. See:
                          https://addons.mozilla.org/en-us/firefox/addon/disable-dhe/

                          My Firefox is at version 38.0.5, and I can still connect to Freephoneline.ca site normally. But I still cannot connect with Opera.
                          Opera is trying to be a nanny-browser when no one asks it to. Logjam is not an easy exploit to, well, exploit, and it's not like I'm trying to connect to a compromised banking site. With this enforcement policy, Opera found a way to drive its single-digit market share even lower.
                          Every good security policy states that at the end of the day security should be in the hands of customers. The product must provide all the tools to enable "perfect" security and flag all known issues, but it must be up to the end user to make the ultimate decision whether to take a perceived risk.

                          I have no problem connecting freephone.ca using the latest stable version of Opera (33)looks like they may have fixed the problem

                          Reply Quote 0
                            1 Reply Last reply
                          • First post
                            Last post

                          Computer browsers

                          • Opera for Windows
                          • Opera for Mac
                          • Opera for Linux
                          • Opera beta version
                          • Opera USB

                          Mobile browsers

                          • Opera for Android
                          • Opera Mini
                          • Opera Touch
                          • Opera for basic phones

                          • Add-ons
                          • Opera account
                          • Wallpapers
                          • Opera Ads

                          • Help & support
                          • Opera blogs
                          • Opera forums
                          • Dev.Opera

                          • Security
                          • Privacy
                          • Cookies Policy
                          • EULA
                          • Terms of Service

                          • About Opera
                          • Press info
                          • Jobs
                          • Investors
                          • Become a partner
                          • Contact us

                          Follow Opera

                          • Opera - Facebook
                          • Opera - Twitter
                          • Opera - YouTube
                          • Opera - LinkedIn
                          • Opera - Instagram

                          © Opera Software 1995-