Brekeke UC Wiki

Connection error at http/WSS (ERR_SSL_WEAK_EPHEMERAL_DH_KEY)

Issue 1:

The connection to UC fails when Chrome version 47.0.x is used. The browser displays the error message “ERR_SSL_WEAK_EPHEMERAL_DH_KEY”.

  1. Tomcat <- https -> UC (browser)

https connection failed.

  2. UC <- WSS -> SIP server

WSS connection failed.

This issue occurs when OpenJDK 1.7 is used for Tomcat. The cipher suites used during the secure connection include an encryption algorithm that Chrome does not permit.

Solution 1:

Install a different Java, such as Oracle Java.

Solution 2:

Apply the following settings:

https connection: In Tomcat > server.xml, add a correct “ciphers=” parameter.

Example:

ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"

 

WSS connection: In Brekeke SIP Server > advanced setting, add the correct “ciphers” parameters and their priority.

Example:

net.sip.wss.ciphersuite.1 = TLS_RSA_WITH_AES_256_CBC_SHA
net.sip.wss.ciphersuite.2 = TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
net.sip.wss.ciphersuite.3 = TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
net.sip.wss.ciphersuite.4 = TLS_RSA_WITH_AES_256_CBC_SHA256
net.sip.wss.ciphersuite.5 = TLS_DHE_RSA_WITH_AES_256_CBC_SHA
net.sip.wss.ciphersuite.6 = TLS_DHE_DSS_WITH_AES_256_CBC_SHA
net.sip.wss.ciphersuite.7 = TLS_RSA_WITH_AES_128_CBC_SHA256
net.sip.wss.ciphersuite.8 = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
net.sip.wss.ciphersuite.9 = TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
net.sip.wss.ciphersuite.10 = TLS_RSA_WITH_AES_128_CBC_SHA
net.sip.wss.ciphersuite.11 = TLS_DHE_RSA_WITH_AES_128_CBC_SHA
net.sip.wss.ciphersuite.12 = TLS_DHE_DSS_WITH_AES_128_CBC_SHA
net.sip.wss.ciphersuite.13 = SSL_RSA_WITH_3DES_EDE_CBC_SHA
net.sip.wss.ciphersuite.14 = SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
net.sip.wss.ciphersuite.15 = SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
net.sip.wss.ciphersuite.16 = TLS_EMPTY_RENEGOTIATION_INFO_SCSV
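
To check a configured list before restarting, the following added example (not part of the original page or of Brekeke's software) parses both settings and lists the suites whose key exchange is ephemeral Diffie-Hellman (DHE), the key type named in the Chrome error. The sample values are constructed, and treating the numeric suffix of net.sip.wss.ciphersuite.N as the priority order is an assumption.

```python
import re

# Constructed sample input, modelled on the two settings shown on this page.
TOMCAT_ATTR = ('ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,'
               'TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA"')
SIP_PROPS = """\
net.sip.wss.ciphersuite.2 = TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
net.sip.wss.ciphersuite.1 = TLS_RSA_WITH_AES_256_CBC_SHA
net.sip.wss.ciphersuite.3= TLS_EMPTY_RENEGOTIATION_INFO_SCSV
"""

def parse_tomcat_ciphers(attr):
    """Return the suites of a server.xml ciphers="..." attribute, in order."""
    m = re.search(r'ciphers\s*=\s*"([^"]*)"', attr)
    return [s.strip() for s in m.group(1).split(",") if s.strip()] if m else []

def parse_sip_ciphers(text):
    """Return net.sip.wss.ciphersuite.N values sorted by N (assumed priority)."""
    found = []
    for line in text.splitlines():
        m = re.match(r"\s*net\.sip\.wss\.ciphersuite\.(\d+)\s*=\s*(\S+)", line)
        if m:
            found.append((int(m.group(1)), m.group(2)))
    return [name for _, name in sorted(found)]

def key_exchange(suite):
    """Key-exchange family taken from a JSSE suite name, e.g. ECDHE, DHE, RSA."""
    m = re.match(r"(?:TLS|SSL)_(.+?)_WITH_", suite)
    return m.group(1).split("_")[0] if m else "NONE"  # SCSV has no key exchange

def dhe_suites(suites):
    """(position, name) of every suite that negotiates an ephemeral DH key."""
    return [(i, s) for i, s in enumerate(suites, 1) if key_exchange(s) == "DHE"]

if __name__ == "__main__":
    for label, suites in (("Tomcat https", parse_tomcat_ciphers(TOMCAT_ATTR)),
                          ("SIP Server WSS", parse_sip_ciphers(SIP_PROPS))):
        for pos, name in dhe_suites(suites):
            print(f"{label}: priority {pos} uses ephemeral DH: {name}")
```

Whether a listed DHE suite actually triggers the error depends on the DH key size the Java runtime offers, so a flagged entry is one to test in the browser rather than proof of failure.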

 

 
