Weak Diffie-Hellman strength

victorvic · July 30, 2019, 10:51am

Hi,

We have a vulnerability scanner deployed in our company and we’ve been scanning a ELK stack environment we setup with SearchGuard as the security addon for the stack.

However, we can see that the scanner has detected the key strength of diffie-hellman to be < 2048 which it considers as a medium severity. How can we resolve this for searchguard?

EDIT: It’s reacting on the port 9300 TCP.

hsaly · July 30, 2019, 11:45am

Please provide your certificate details and more detailed output of the scanner (you can send confidential informations via PGP encrypted mail if necessary: Search Guard Security | Securing your Elasticsearch cluster with Search Guard)

How exactly did you create your SSL certificates?

system · August 20, 2019, 12:00pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam) Search Guard	6	1707	October 19, 2021
Search Guard pilot project, need some hints Search Guard	1	382	November 16, 2018
Signature length not correct: got 256 but was expecting 512 Search Guard	1	3504	February 13, 2018
Search Guard certificate error Search Guard	1	1143	February 1, 2018
the first pls.... SSL Problem Received fatal alter: unknown_ca Search Guard	0	452	July 11, 2018

Weak Diffie-Hellman strength

Related Topics