AnsweredAssumed Answered

Disabling or customizing DH using Wildfly

Question asked by Aleksandrs Enins on Jun 12, 2017
Latest reply on Jun 26, 2017 by Aleksandrs Enins

Hello,

I need help with DH cipher as it is being displayed on the SSL Labs as insecure.

 

Setup:
Windows server 2008, deployment tool Wildfly.

 

Results:
SSL Server Test: whoiswho.accenture.com (Powered by Qualys SSL Labs) 

 

I used one of the suggestions and disabled DH across entire system using IISCrypto but that sounds more like something for IIS.

Also applied a group policy update which eventually removed Remote Desktop access but still didn't change the DH outcome.

 

As of now I'm suspecting that this part is what is causing this DH stuff.  "Uses common DH primes Yes Replace with custom DH parameters if possible (more info)". As I'm using the Wildfly and not Apache, Nginx or anything like that I can't find a place to define DH.
Has anyone faced this sort issue?

Outcomes