Subject: SSL_connect returned=1 errno=0 state=error: dh key too small
Marcelo Lauxen
marcelolauxen16 at gmail.com
Wed Aug 28 21:20:49 UTC 2019
Our server runs with DH key size of 2048 bits and we are trying to make
requests with httparty(https://github.com/jnunemaker/httparty) to a server
that uses DH key size of 1024 bits, i want to now for what reason we are
getting this error SSL_connect returned=1 errno=0 state=error: dh key too
small, it's because different DH key sizes? 🤔
We haven't control of the server who are using DH key size of 1048 bits.
I've opened the same issue on httparty
https://github.com/jnunemaker/httparty/issues/664, but seems not a problem
with httparty and something with OpenSSL.
Currently our server is using *OpenSSL 1.1.1c*, but before we was
using *OpenSSL
1.1.0j* and this error doesn't happen. Is OpenSSL blocking the
communication between our server who uses DH 2048 bits and the other server
who uses DH 1024 bits (weak Diffie-Hellman)? If yes, is it reported in
somewhere?
Our server SSL Labs results:
https://www.ssllabs.com/ssltest/analyze.html?d=web.monde.com.br&latest
Server who we are trying make requests:
https://www.ssllabs.com/ssltest/analyze.html?d=webservices.voeazul.com.br&latest
How we can handle with this?
I would be happy if anyone can help me with this. :(
Att, Marcelo.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190828/ba9e98f9/attachment.html>
More information about the openssl-users
mailing list