Reason: Recent versions of Firefox (39) and Chrome (45) expects Strong Cipher suite definition in the SSL enabled web applications. The request will get rejected if weak cipher is found on the web server.
Problem Fix:
We recommend the below Cipher for eG web application. This attribute needs to be added in Server.xml under the SSL connector definition in Tomcat,
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"
eG Manager restart is required once the above entry is changed.
Sample entry from Server.xml
<Connector port="443" server="eG Tomcat Server" keystorePass="eginnovations" keystoreFile="webapps/eGmanager.bin" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" sslProtocol="TLS" clientAuth="false" secure="true" scheme="https" SSLEnabled="true" compressableMimeType="text/html,text/xml,text/plain,application/x-java-applet,application/octet-stream,application/xml,text/javascript,text/css,image/png,image/jpeg,image/gif,application/pdf,application/x-javascript,application/javascript,application/json,application/x-shockwave-flash,application/xhtml+xml,application/xml+xhtml" noCompressionUserAgents="gozilla, traviata" compressionMinSize="1024" compression="on" tcpNoDelay="true" URIEncoding="UTF-8" useURIValidationHack="false" connectionTimeout="20000" acceptCount="10" enableLookups="false" maxThreads="512" minSpareThreads="64" protocol="HTTP/1.1"/>
Lee Stewart
Why SSL enabled eG console is not loading after recent Chrome and Firefox upgrades?