As part of our upgrades to the GOV.UK PaaS platform we have changed the fingerprinting algorithm of the keys that allow access to your backing services from MD5 to SHA256. This increases the security of the platform by making the keys harder to forge.
We have updated our Conduit plugin to support this change to the platform. If you use the Conduit plugin, we need you to update your installed version.
We are currently waiting for a pull request to be merged by Cloud Foundry, we expect this to be merged by Monday, once merged you will be able to upgrade with the following command:
‘cf install-plugin -r CF-Community "conduit" ‘
If you urgently need to upgrade you can perform the following steps
Run ‘cf uninstall-plugin conduit’ Go to https://github.com/alphagov/paas-cf-conduit/releases/tag/v0.0.8 and download the correct bianary for your system Run ‘cf install-plugin BINARY-FILENAME’ to install the updated conduit. Replace BINARY-FILENAME with the path to and name of the downloaded conduit file.
This will update you to Conduit version 0.0.8 which can be verified with the command ‘cf plugins’.
Conduit will function in exactly the same way as in the previous versions.
We have identified an issue with using the conduit plugin to access databases from your local machine. we are currently working on a fix for this issue. There is no issue with applications on the platform accessing databases
Posted Sep 13, 2019 - 08:46 BST
This incident affected: Ireland (MySQL Backing service - availability of platform-provided services, Postgres Backing service - availability of platform-provided services) and London (MySQL Backing service - availability of platform-provided services, Postgres Backing service - availability of platform-provided services).