We deployed in the 1.x portal and successfully migrated to 3.x. We are at the point where we need to update whats being collected and access the collector software, however, when we, as registered users, try to log into the collector we get an error message saying "Server has a weak ephemeral Diffie-Hellman public key."
How can we fix this and access the collector? This is very frustrating...
Unfortunately, I cannot open a service request at this time.
We moved your question to the Smart Net Total Care community now so that a peer or Cisco expert can see it and respond. Feel free to save the link to this community and come back with any other questions you may have.
Apologies for the confusion with the choices of communities to post in (I have reported the issue already and will follow up for a fix) but now you are in the right community and your question will be answered soon. In the meantime, please let me know if you had other questions but was not able to post here and I will post them for you.
Welcome to the community!
This workaround only works in Firefox 39 or higher. Here is what you can do:
1) Navigate to "about:config" by entering it into the URL bar
2) Click accept
3) Search for "security.ssl3.dhe_rsa_aes" in the search bar on this page (not the firefox search bar)
4) Check both of those values to false
This is bypass the security check that Firefox does for logjam. Since this is a server internal to your network, it shouldn't pose a problem. Please remember to turn it back on once you've gathered the necessary data from the collector. The newest version of the collector image (2.5) does not have this issue. You should deploy that when possible.
It's actually due to be released soon, but as a new OVA. For now, you can grab your managed device list, credentials, and user accounts from your current collector, and then it should be easy to import those into the new one once you've hosted the OVA.
I can give you more details on how to do that if you have any questions.