Old Djigzo installation with certificate problem: how to switch to port 80?

Hi,

today we were contacted by a company, that is running an old djigzo installation from 2011 on a SuSE 11.1

The browsers do not accept the weak encryption, that this installation offers:

An error occurred during a connection to 212.184.xxx.xxx:8443. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. Error code: SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY

How can be change the configuration from port 8443 to 80? Just changing "scheme" to "http" and "SSLEnabled" to "false" in server.xml doesn't seem to be enough - now we only get a blank page.

Right now we have to add some new accounts, before we can offer the company a migration to a current version of Ciphermail.

Thanks for any suggestions & hints,

Stefan

You should tell the Web GUI not to require HTTPS. You can do this by
setting the following system property:

djigzo.https.all=false

I think (not tested) that it should work when you add this to the file
djigzo-web.properties (restart Tomcat after changing).

Alternatively you can set this property in the Tomcat default file
(/etc/default/tomcat) as a java system property with

JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false"

(don't forget to restart Tomcat)

Kind regards.

Martijn Brinkers