The CAS test environment (cas-test.its.hawaii.edu) has been updated.
As always, we encourage you to test your applications against the updated environment.
- Tomcat has been updated from 8.0.50 to 8.5.31
This is a somewhat significant update for the Java Servlet Container that the CAS application runs in. The Tomcat 8.0.x track is scheduled for EOL 2018-06-30.
This version supports TLSv1.1 and TLSv1.2. Notably, TLSv1.0 was previously supported, but is not in this update.
The following ciphers are supported as determined by SSL Labs' SSL server test:
TLS 1.2 (suites in server-preferred order)
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS 1.1 (suites in server-preferred order)
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Barring unforeseen problems, this update will be promoted to our production environment at a date yet to be determined.
We will advise before doing so.