Jira (PUP-10212) SSL negotiation fails with "tls_process_ske_dhe:dh key too small"

79 views
Skip to first unread message

Robert August Vincent II (JIRA)

unread,
Dec 31, 2019, 9:43:03 AM12/31/19
to puppe...@googlegroups.com
Robert August Vincent II moved an issue
 
Puppet / Bug PUP-10212
SSL negotiation fails with "tls_process_ske_dhe:dh key too small"
Change By: Robert August Vincent II
Component/s: PuppetDB
Component/s: Puppet Server
Component/s: Networking
Key: ENTERPRISE PUP - 1301 10212
Project: Puppet Enterprise
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

Robert August Vincent II (JIRA)

unread,
Dec 31, 2019, 9:44:03 AM12/31/19
to puppe...@googlegroups.com
Robert August Vincent II updated an issue
 
Puppet / Sub-task PUP-10212
Method Found: Needs Assessment
Issue Type: Bug Sub-task
Parent: PUP-8550

Josh Cooper (JIRA)

unread,
Jan 7, 2020, 5:20:06 PM1/7/20
to puppe...@googlegroups.com
Josh Cooper updated an issue
 
Puppet / Bug PUP-10212
Change By: Josh Cooper
Method Found: Needs Assessment
Issue Type: Sub-task Bug
Parent: PUP-8550

Josh Cooper (Jira)

unread,
Jan 27, 2021, 1:25:04 PM1/27/21
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-10212
 
Re: SSL negotiation fails with "tls_process_ske_dhe:dh key too small"

Googling shows this error means the server is presenting a weak diffie hellman key, e.g. https://imlc.me/dh-key-too-small. I assume dhparams.pem need to be regenerated on the server host. Charlie Sharpsteen does this sound familiar?

This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935)
Atlassian logo

Charlie Sharpsteen (Jira)

unread,
Jan 27, 2021, 7:36:03 PM1/27/21
to puppe...@googlegroups.com

Ah, I see the PE version is 2019.2.1.

PE-27944 bumped the Diffie-Hellman key size to 2048, released in PE 2019.4.0. So, it seems this issue should already be fixed in PE. Open Source may be a different question as PE implemented the fix by adding -Djdk.tls.ephemeralDHKeySize=2048 to the JAVA_ARGS managed by PE. But, maybe there is a default value used by the JVM that should be addressed by platform Java providers?

Josh Cooper (Jira)

unread,
Jan 27, 2021, 8:24:04 PM1/27/21
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-10212

Thanks Charlie Sharpsteen!

I think the question of "how to change DH keys for opensource" is an exercise left to the reader. There's some documentation here for jdk8: https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#customizing_dh_keys With that I'm going to close this ticket.

Valters Jansons (Jira)

unread,
Feb 10, 2021, 1:24:02 PM2/10/21
to puppe...@googlegroups.com

Is there a reason as to why the packaged /etc/default/puppetserver for Open-Source Puppet Server (as of 7.0.3) does not include -Djdk.tls.ephemeralDHKeySize=2048?

Josh Cooper (Jira)

unread,
Feb 10, 2021, 4:45:02 PM2/10/21
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-10212

Valters Jansons that seems doable, though I don't know if there are reasons why we're intentionally not doing that, perhaps due to incompatibility with older java versions (just a guess). Thoughts Justin Stoller?

Valters Jansons (Jira)

unread,
Feb 11, 2021, 5:58:04 AM2/11/21
to puppe...@googlegroups.com

Josh Cooper, Justin Stoller,

Java support matrix from Installing Puppet Server says

  • Puppet 2.x supports Java 7 and 8
  • Puppet 5.x supports Java 8
  • Puppet 6.x and later support Java 8 and 11

Java™ SE Development Kit 1.6.0u101 and 1.7.0u85 added the jdk.tls.ephemeralDHKeySize system property.
Java™ SE Development Kit 1.6.0u105 and 1.7.0u91 added support for DHKeyPair generation for key sizes up to 2048 bits.

Java 7 initial release allows the DH key size to be between 512 and 1024 bits as listed on JSSE: Features and Benefits and it is not configurable.
Java 8 discusses jdk.tls.ephemeralDHKeySize is allowed to be between 1024 and 2048 (from JSSE: Customizing Size of Ephemeral Diffie-Hellman Keys).

Puppet 2.x changes are out of question, so the Java 7 and Java 8 compatibility for non-Oracle customers is not a concern.
Puppet 5.x supports Java 8, and Java 8 lists the system property as allowing 2048 bits.
It is reasonable to expect Java 11 to support the property similarly, and the latest Puppet releases target Java 8 and 11, so it should be fine.

Justin Stoller (Jira)

unread,
Feb 12, 2021, 9:10:03 PM2/12/21
to puppe...@googlegroups.com

We typically target the latest and earliest versions of a major OS release. ie, we have Redhat 7.1 in our CI system for that compatibility guarantee, and that image comes with Java 1.8 b08. I have a feeling we can make an exception that users should have been upgrading to builds of the JDK with better security, even if they've stayed on jdk8. I'll have to run that by RE or Product first and get the images updated. I'm out next week so I won't get an answer for a bit.
Reply all
Reply to author
Forward
0 new messages