Bug 1228233

Summary: can't connect to tomcat website with nss-3.19.1-1.0.fc21.x86_64
Product: [Fedora] Fedora Reporter: Michael Young <m.a.young>
Component: nssAssignee: Elio Maldonado Batiz <emaldona>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 21CC: emaldona, kdudka, kengert
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-06-04 22:06:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michael Young 2015-06-04 12:47:00 UTC 
After updating the nss packages to 3.19.1-1.0.fc21.x86_64 I can no longer connect to a website running tomcat (this is with firefox, chromium shows the same problem). I get the error

SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) 

This worked with the previous version of nss. Is something broken in the new version of nss?
Comment 1 Michael Young 2015-06-04 22:06:08 UTC 
After further investigation I have decided this is a legitimate consequence of a logjam ssl fix and not a bug.