We recently updated the TLS (HTTPS) configuration for the Forge website and API service. We have removed support for TLS versions 1.0 and 1.1. We have also removed support for various ciphers which are no longer considered secure.
Modern browsers and HTTPS clients should be unaffected by this change, however if you are using a very old browser or client library, you may need to upgrade in order to continue to access the Forge website or API service.
UPDATE 1 (9 July 2021): We have determined that versions of
JRuby (and specifically, the bundled
jruby-openssl gem) that are included with older releases of
puppetserver do not support the new TLS configuration.
Specifically, users of
puppetserver releases prior to 6.10.0 may experience errors similar to:
ERROR -> Received fatal alert: handshake_failure
when attempting to deploy environments with
To resolve this issue, you have two options:
puppetserver to a version >= 6.10.0 (including any 7.x release), this is the recommended option
Run the command
puppetserver gem install jruby-openssl as the appropriate user on any impacted systems to upgrade the
jruby-openssl gem in place
If you have any questions or concerns, please email us at firstname.lastname@example.org. Thank you.