ssl websocket activemq-classic diffie-hellman

Weak ephemeral DH key ActiveMQ


I'm trying to set up a secure websocket in ActiveMQ using CA certs, but I keep getting this message in the browser:

SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

I believe this is related to the cipher suite, but I'm either A) not using the right cipher suite or B) configuring it in the wrong area of Apache ActiveMQ. Currently, I've been adjusting the SSL configuration of the transport connector in activemq.xml (http://activemq.apache.org/ssl-transport-reference.html). However, I know that ActiveMQ uses a Jetty server, and I'm wondering if I should be configuring the suite in jetty.xml, a la "How to config local Jetty ssl to avoid weak phermeral DH key error?". So, my questions are: is this the right approach? If so, what's the correct cipher suite for ActiveMQ?

The Java JDK version is 1.7.0_79.


Solution

  • Alright, I was able to create a workaround by reading the activemq-apollo guide and then matching it to closed JIRAs in ActiveMQ: http://activemq.apache.org/apollo/documentation/user-manual.html#Working_Around_Java_7_SSL_Bugs https://issues.apache.org/jira/browse/AMQ-4520