Server has a weak, ephemeral Diffie-Hellman public key

So I came across this today when connecting to Ubiquiti Airvision NVR from Google Chrome. “Server has a weak, ephemeral Diffie-Hellman public key”

The error relates to the Secure Sockets Layer encryption between the latest Chrome Browser and the Ubiquiti Device.

The fix requires you to login to the NVR via SSH and modify a file and reboot the NVR.

Editing the file is easiest using a text editor called nano, which can be installed by running the following command once you have SSH’d into the NVR.

apt-get install nano

Stop the unifi video controller software.

service unifi-video stop

Once nano is installed, then enter the following command to edit the file

nano -w /usr/lib/unifi-video/conf/server.xml

Add the following line to the file just above ciphers= at about line 58.

Delete the entire ciphers= line by pressing <ctrl> + <k> with the cursor at the beginning of the line.

Save the file and exit with <ctrl> + <x> and then <enter>

service unifi-video start

You are all done…. Test 🙂

This entry was posted in Consultancy, Ubiquiti. Bookmark the permalink.