Recently encountered the error when trying to browse the configuration page of vRealize Orchestrator
SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
Quick Workaround from VMware:
– Update CIPHER suites accepted by Orchestrator server
LOCATION:
/etc/vco/app-server/server.xml
/etc/vco/configuration/server.xml
FROM:
ciphers=”TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA” />
TO:
ciphers=”TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA” />
– Restart Orchestrator services
