Web lists-archives.com

141A318A:SSL routines:tls_process_ske_dhe:dh key too small - who is to blame?




Hi folks, 

since my last update I get this error message from kmail:

141A318A:SSL routines:tls_process_ske_dhe:dh key too small

I understand, that the key is to small since some changes in openssl and due 
to the manual I changed /etc/ssl/openssl.cnf.

This is not all the point,  as I can get it working.

The one thing, I did not understand: If this error appears, who is to blame? 
Is this a problem by the server or is this caused by the provider, who still 
uses too small keys?

Is there a way to avoid this problem, without editing the confoiguration? I am 
thinking of users, who are just using debian, do an update and suddenly get 
into this problem.

Thanks for any short answers.

Best

Hans