Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The CAS test environment (cas-test.its.hawaii.edu) has been updated.

As always, we encourage you to test your applications against the updated environment.

  •  Tomcat has been updated from 8.0.50 to 8.5.31

This is a somewhat significant update for the Java Servlet Container that the CAS application runs in. The Tomcat 8.0.x track is scheduled for EOL 2018-06-30.

This version supports TLSv1.1 and TLSv1.2. Notably, TLSv1.0 was previously supported, but is not in this update.

...

  • Tomcat
    • -Dhttps.protocols=TLSv1,TLSv1.2,TLSv1.1
      • As long you have at least one of the supported protocols (TLSv1.2,TLSv1.1) it should work
      • TLSv1 above is Tomcat's configuration string for TLSv1.0 (ignored by this update to our Tomcat)
  • PHP:
    • PHP documentation recommends not setting Set CURLOPT_SSLVERSION to 5 or 6 (or do not set CURLOPT_SSLVERSION)

      Code Block
      languagephp
      titlereported successful configuration change
      // curl_setopt($ch, CURLOPT_SSLVERSION, 4);
      // curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
    • PHP documentation recommends not setting CURLOPT_SSLVERSION

      • Comments suggest, "CURL_SSLVERSION_TLSv1_1 (5) or CURL_SSLVERSION_TLSv1_2 (6) only work for PHP versions using curl 7.34 or newer"
  • (info) Consider deprecating TLSv1.0 in your client configurations if possible

...