Introduction

The Logjam vulnerability (CVE-2015-4000) exploits weak Diffie-Hellman (DH) parameters (512-bit or 1024-bit) to downgrade TLS connections and intercept encrypted traffic. Modern clients reject connections to servers using DH parameters shorter than 2048 bits, producing errors like DH key too small or SSL alert number handshake failure. Security scanners flag weak DH parameters as a high-severity vulnerability.

Symptoms

  • curl fails with SSL: DH key too small or error:141A318A:SSL routines
  • Firefox shows SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY
  • SSL Labs grades server T or shows Uses common DH parameters warning
  • openssl s_client shows Server Temp Key: DH, 1024 bits
  • Security scanner reports Logjam vulnerability detected

Common Causes

  • Default DH parameters generated by old OpenSSL versions (1024-bit)
  • Web server using built-in default DH parameters instead of custom ones
  • Outdated SSL configuration templates with weak crypto settings
  • DHE cipher suites prioritized over ECDHE suites
  • Legacy load balancer or reverse proxy with hardcoded weak parameters

Step-by-Step Fix

  1. 1.Check current DH parameter size:
  2. 2.```bash
  3. 3.openssl s_client -connect yoursite.com:443 -cipher 'EDH' </dev/null 2>&1 | \
  4. 4.grep "Server Temp Key"
  5. 5.# If it shows "DH, 1024 bits" or less, parameters are too weak
  6. 6.`
  7. 7.Generate strong 2048-bit (or 4096-bit) DH parameters:
  8. 8.```bash
  9. 9.# 2048-bit (recommended, generates in ~30 seconds)
  10. 10.sudo openssl dhparam -out /etc/ssl/dhparam.pem 2048

# 4096-bit (more secure, takes several minutes) sudo openssl dhparam -out /etc/ssl/dhparam.pem 4096 ```

  1. 1.Configure Nginx to use the new DH parameters:
  2. 2.```nginx
  3. 3.ssl_dhparam /etc/ssl/dhparam.pem;
  4. 4.ssl_protocols TLSv1.2 TLSv1.3;
  5. 5.ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305';
  6. 6.ssl_prefer_server_ciphers on;
  7. 7.`
  8. 8.Configure Apache to use strong DH parameters:
  9. 9.```apache
  10. 10.SSLOpenSSLConfCmd DHParameters "/etc/ssl/dhparam.pem"
  11. 11.SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384
  12. 12.SSLHonorCipherOrder on
  13. 13.`
  14. 14.Prefer ECDHE over DHE cipher suites:
  15. 15.ECDHE (Elliptic Curve Diffie-Hellman Ephemeral) does not require pre-generated DH parameters and is both faster and more secure:
  16. 16.```nginx
  17. 17.# Prioritize ECDHE over DHE
  18. 18.ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:!DHE';
  19. 19.`
  20. 20.Verify the fix:
  21. 21.```bash
  22. 22.openssl s_client -connect yoursite.com:443 -cipher 'EDH' </dev/null 2>&1 | \
  23. 23.grep "Server Temp Key"
  24. 24.# Should show: "DH, 2048 bits" or use ECDHE
  25. 25.`

Prevention

  • Include DH parameter generation in initial server setup procedures
  • Use Mozilla SSL Configuration Generator for up-to-date cipher suite recommendations
  • Prefer ECDHE cipher suites that do not require DH parameter files
  • Monitor SSL Labs grade and DH parameter warnings in regular security scans
  • Automate DH parameter rotation as part of annual security review procedures