RHEL8 - GOA fails to autodiscover Exchange settings (Diffie-Hellman small size)

Latest response

On RHEL 8 when trying to add an Exchange mail using the Online Accounts of the GNOME settings panel I encountered a problem which resulted in failure of the process. The log says that the goa_ews_client doing autodiscovery received a diffie-hellman prime sent by the server which is too small in size.

Searching for this issue I found that this was a problem identified a few years ago which was since fixed. Note that on Fedora 30 I do not have this problem.

Is there a temporary solution until this issue is properly resolved ?


Panos Asproulis,

Thanks for posting here

I'm curious, is this the Fedora issue https://bugzilla.redhat.com/show_bug.cgi?id=1549242 you discovered relating to the issue you found with RHEL 8? Can you put the link you found here if that is not it?

Also, is that the verbatim error? was there anything else?

Please let us know and someone ought to reply. It might be good to put in a ticket with Red Hat as well in case it is a bug, they can get a fix going.

Let us know,



Yes, this is essentially the root cause of this problem.

This problem can be resolved by issuing the command

$ update-crypto-policies --set LEGACY

followed by a system reboot.

I saw that someone did that at the bugzilla https://bugzilla.redhat.com/show_bug.cgi?id=1549242 for Fedora, I'm glad that worked for you.

Red Hat should make this a bugzilla, I think I'll submit one tomorrow

Thanks for letting us know