This came in this morning via
https://www.weather.gov/media/notification/SCN20-60_NWS_Website_Enforce_TLS.pdfSubject: Enforce TLS 1.2 or Higher on Several NWS Websites
Effective date: July 27, 2020
Effective on or about July 27, 2020, beginning at 1400 Coordinated Universal Time (UTC), the National Centers for Environmental Prediction (NCEP) Central Operations (NCO) will enforce Transport Layer Security (TLS) 1.2 or higher connections to the websites listed below.
The following websites will be affected:
---
weather.gov*
airquality.weather.gov
alerts.weather.gov
api.weather.gov
aviationweather.gov*
digital.weather.gov
forecast.weather.gov
graphical.weather.gov
marine.weather.gov
mobile.weather.gov
preview.weather.gov
preview-api.weather.gov
radar.weather.gov
water.weather.gov
f1.weather.gov
w1.weather.gov
w2.weather.gov
---
www.nws.noaa.gov
nowcoast.noaa.gov
new.nowcoast.noaa.gov
ssd.wrh.noaa.gov
www.wrh.noaa.gov
wwwx.wrh.noaa.gov
---
idpgis.ncep.noaa.gov
---
tsunami.gov*
---
Where â*â also includes âwww.â
Any browsers or services that do not support TLS 1.2 or greater and access these sites will need to begin support of TLS 1.2 or greater in order to avoid service interruption.
The Saratoga PHP scripts that use NWS data all use PHP's built-in cURL or stream access to obtain data from NWS sites,
so
your website's PHP/cURL version should be up-to-date to have the scripts continue to operate.To make sure your website is TLS1.2 capable, create a page with
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>PHP Info</title>
</head>
<body>
<?php phpinfo(); ?>
</body>
</html>
on it, display the page in your browser and look for
Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2
If you don't see the
tlsv1.2 upgrade your PHP to V7+ or contact your webhoster to have PHP updated.
