Weak Diffie-Hellman strength


We have a vulnerability scanner deployed in our company and we’ve been scanning a ELK stack environment we setup with SearchGuard as the security addon for the stack.

However, we can see that the scanner has detected the key strength of diffie-hellman to be < 2048 which it considers as a medium severity. How can we resolve this for searchguard?

EDIT: It’s reacting on the port 9300 TCP.

Please provide your certificate details and more detailed output of the scanner (you can send confidential informations via PGP encrypted mail if necessary: Search Guard Security | Securing your Elasticsearch cluster with Search Guard)

How exactly did you create your SSL certificates?

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.