Server has a weak ephemeral..."
 

More often then not in the last few weeks, with Chrome or Firefox, when attempting to access anything Skynet/UAL related (CCS seems fine), I get this: 'Server has a weak ephemeral Diffie-Hellman public key.'

Neither browser will let me through. Says it's a 'disastrous misconfiguration' on the server (UAL) side and stops my login to protect myself.

Anybody else gotten that over the last few weeks?

Funny, I was going to ask the same question today! Safari has been working.

Strangely, clearing cookies/clearing the cache is what started it (it first came up on my phone at the WORST possible time while in DIA trying to nonrev). IE/Win 10 Edge works fine. But Chrome and FF screw up now.

I'll try the FF extension. I have no idea where to email UAL's Skynet IT to let them know this continues to happen.

Farabi connection error

IT company with wings....

Do you know if you have updated your browsers, or are they set to auto update.

You may try uninstalling Firefox and downloading an earlier version.

Here is the quick fix for Firefox that does not require installing anything.

In address line in Firefox browser type: about:config
In the page that opens up, look for these two entries:

security.ssl3.dhe_rsa_aes_128_sha
security.ssl3.dhe_rsa_aes_256_sha

Toggle to FALSE for both

Dude.. owe you a Bier! Thanks~ Works like a charm.

Always
Motch

I called ipad support out of desperation a month ago when my laptop wouldn't connect to Flying Together.

The gal who helped me was extremely helpful, had seen it before, knew exactly what to do, and walked me through what Bouldarian posted.

The week before I had called them for ipad support, and that guy was super helpful, too.

While much of the IT here is a train wreck, the support people for the ipad are awesome, and have knowledge beyond just the ipad.

Good to know!......thanks!

Thanks for the help. I installed the FF plugin. That way, I could easily undo it since that plugin defeats the security stuff that both FF and Chrome have created specifically to protect the end users against badly configured servers. I see in the ALPA Scheduling Committee brief that UAL knows something is wrong. Hopefully it gets fixed shortly so this workaround isn't needed.

Thanks again!

The best way to put the company on notice is to have the MEC demand an extension to the bidding window another 10 days! They'll fix it quick.

Might consider resetting those to "true" when you're done on the UAL site.

Rick:

What are the repercussions if you don't?

With it set to FALSE Firefox will still warn you that you are connecting to a dangerous or weak server (UAL) and ask if you wish to continue at your own risk. With it set to TRUE, it forbids you from connecting to such server - it makes the decision for you.

The danger of having it set to FALSE is that you could potentially try connecting to a phishing server unintentionally (a server pretending to be your bank and try to steal you login credentials), and even after being warned by Firefox, agree to continue putting your identity and computer at risk.

If you choose to have it set to FALSE just be sure that you never ignore the server security warning and only agree to continue if you are certain that you are connecting to your intended server (connecting via CCS link or such.)

I use Firefox only for company business (CCS & Skynet); Apple Safari with high security restrictions for all Banking; and Chrome for general goofing around the web - that way even if some malicious tracker sneaks by Chrome, it will remain isolated from my work or banking.