Browser refuses RV042G https 256-bit encryption certificate

M.Verheijden · ‎06-19-2015

Since the latest update my Palemoon browser does not accept ssl/dhe keys smaller then 1024-bit, this results in an error when i try to open the RV042G https management console.

For now i can use Firefox to work around the issue, but this restriction will be implemented in Firefox 39 as well and then my options are limited

Is there a way to replace the 256 bit key with a 2048 bit?

Thanks in advance

M. Verheijden

M.Verheijden · ‎07-05-2015

ping

vanek.lumir · ‎07-08-2015

Have this problem too:

The server certificate included a public key that was too weak. (error code: ssl_error_weak_server_cert_key)

L.V.

shawn.moser · ‎07-09-2015

Here is firefox's blub on it.

https://support.mozilla.org/en-US/kb/tls-error-reports

M.Verheijden · ‎08-11-2015

Its strange, i bought this thing 8 months ago, after 6 months it starts having issues and there seem to be no support on the device at all, to put it mildly this is disappointing.. where can i file a support request to get help on this issue? or does Cisco sells its equipment without service?

vanek.lumir · ‎08-11-2015

In fact, this device is not true Cisco, it is Linksys by Cisco. Cisco abandoned SOHO segment and yes, support is weak and poor.

I must use virtual Debian OS to access router. Not have Windows browser, that can access it...

Dan Miley · ‎10-19-2015

This is really a browser issue that they are not allowing connections that were previously allowed.

here is a doc with workarounds for chrome and mozilla.

http://www.learncisco.net/blog/security/server-has-a-weak-ephemeral-diffie-hellman-public-key.html

That device should have one year free tech support (if purchased new from an autorized reseller). We would be glad to help you.

Go to the cisco site, hover your mouse over 'support' on the bottom right is support center contacts.

http://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.htm

Sign in and click open or view cases, create your own case, call in the US 866-606-1866 and follow the prompts for an existing case. That will bypass the front line. You can also come into the chat.

please reference bug CSCuw38521. I do not know what the plans for this one are, but the more cases attached to this bug, the higher priority will be put on it.

alternatively, sign up for notifications and when the next firmware comes out see if it has been addressed.

Dan

M.Verheijden · ‎10-19-2015

Thanks for your answer Dan, unfortunately this is a work around, like you say, and not a solution, and this work around, if i may add, will remove the protection for this vulnerability completely, and i think this protection was build in for a reason...

so please, instead of telling me to disable protection, the routers firmware should be brought up to date asap, this should not have to take 4 months.

regards,

M. Verheijden

M.Verheijden · ‎10-05-2015

Still no news on this front? im feeling a bit lonely here, surely i cant be the only one with this issue and Cisco is remarkably quiet on this problem.

M.Verheijden · ‎11-26-2015

Took 6 months, but here it is, new firmware fixes the issue, thank you Cisco for your "prompt" response to this security flaw... perhaps the next routers here will be Draytec...