[SOLVED] Opera 9.27 complaining about "short encryption key"

[Rich Graves]

Opera has the same complaint about the first four public Zimbra sites I tried... using 3 different CAs.

I get Connection : TLS v1.0 128 bit AES (DHE_RSA/SHA) and looking in Advanced/Security/Security Protocols I see SSL/TLS1 128 bit AES (DH_RSA/SHA) checked.

Hmm, if I tell Opera not to allow 128-bit AES, then it successfully negotiates 128-bit RC4, and does not complain. So I guess if you tell it to use AES at all, it demands 256-bit. Opera even complains if you UNcheck 256-bit AES, allowing only 128-bit AES.

I see a few end-user complaints about this behavior, but no detailed diagnosis. Has anyone filed a bug against Opera?

[Rich Graves]

I'm calling it an Opera bug, though it would be nice if Zimbra supported 256-bit AES. Cross-reference: 128-bit AES not accepted? - Security and privacy in Opera - Opera Community

[Rich Graves]

Zimbra supports 256-bit AES after installing the appropriate bits from https://cds.sun.com/is-bin/INTERSHOP...-CDS_Developer into /opt/zimbra/jre/lib/security

Thanks for the pointer from Running Kerberos with Zimbra Collaboration Suite - Zimbra :: Wiki