Weak Diffie-Hellman strength


We have a vulnerability scanner deployed in our company and we’ve been scanning a ELK stack environment we setup with SearchGuard as the security addon for the stack.

However, we can see that the scanner has detected the key strength of diffie-hellman to be < 2048 which it considers as a medium severity. How can we resolve this for searchguard?

EDIT: It’s reacting on the port 9300 TCP.

Please provide your certificate details and more detailed output of the scanner (you can send confidential informations via PGP encrypted mail if necessary: https://search-guard.com/security/)

How exactly did you create your SSL certificates?