Carnegie Mellon University School of Computer Science

RAMS and SCS Web Apps TLS Issue 03/16/2020

TLS Issues with RAMS and SCS Web Apps

This event is: Ongoing

Affected systems: Posters Tech. Procure. Equip. Reg. Web Services

Day/Date:  Monday, March 16, 2020

Time:  Ongoing

Service Affected:  SCS RAMS Database Upgrade

Details:

We have identified an issue with some web browsers such as Firefox, where some of our web resources may not display correctly or be accessible due to the deprecation by some vendors of Transport Layer Security protocol (TLS) version 1.1. 

Due to this issue, some web browsers may display a warning indicating the website may be insecure. The browser may provide an option to go back to using TLS 1.1, in which case the site will load and work as usual. Enabling TLS 1.1 or utilizing another web browser can be workarounds until a permanent fix is implemented on our affected sites. 

Firefox showing a warning about tls and a button to allow 1.0 and 1.1
Firefox TLS Security Warning

This change in some web browsers affects the following resources:

  • CASE System (Configuration & Administration of SCS Equipment)
  • Web Reports
  • Procurement Application
  • Poster Printing Submission Application
  • Hostinfo utility
  • RAMS Web Application (Internal)

The fix for this issue is currently in development with expected implementation next month due to the significant testing required in a major upgrade. We will update and resolve this alert when the fix is deployed and in production.

Please contact us with any questions or concerns regarding this alert.