The above error will occur if the company website is accessed using Firefox and Samsung devices using HTTPS. The certificate is really bought. The following method works. From http://www.cnblogs.com/milton/p/4624559.html

The following error occurred when ff visited a self-signed internal website
SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
Tomcat is used by the server. The solution is to modify Tomcat /conf/server.xml, change the configuration, and add sslEnabledProtocols and Ciphers

<Connector protocol="org.apache.coyote.http11.Http11Protocol"
     port="9443" minSpareThreads="5" maxSpareThreads="75"
     enableLookups="true" disableUploadTimeout="true"
     acceptCount="100" maxThreads="200"
     scheme="https"
     secure="true" SSLEnabled="true"
     keystoreFile="/home/tomc/apache-tomcat-7.0.33/conf/server.keystore"
     keystorePass="111111"
     clientAuth="true"
     sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
     ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"
     URIEncoding="UTF-8"/>