SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)

We are getting SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam) vulnerability error. By default search guard uses which cipher ?

By default, this entirely depends on the Java version you are using to run Elasticsearch.

On which Java does your Elasticsearch run? Also, which version of Elasticsearch are you using? And which version of Search Guard?

Java version is “JAVA_RELEASE”: “11.0.7”.
ES DB Version is 7.8.0

If you have not configured anything else in Search Guard, or Java, Java 11 uses the following cypher suites by default:

https://docs.oracle.com/en/java/javase/11/docs/specs/security/standard-names.html#jsse-cipher-suite-names

Coming to the logjam issue: You can two options to address it:

To circumvent the problem, you have several options:

@nils : Thank you for your support.

You can also have a look at our docs for an example on how to configure ciphers and TLS protocols: