Back to Resources

Blog

Posted December 2, 2020

ACTION REQUIRED: Secure Your Testing Experience - Best Practices for Updating Sauce Connect

This post provides the latest news about Sauce Connect, including new features, security improvements, and critical bug fixes. It also offers instructions for upgrading as well as what to look for in 2021.

quote

Sauce Labs provides a number of features that help secure your testing experience and ensure that your data and applications are safe while using our cloud platform. One of the most popular features is Sauce Connect Proxy—a built-in HTTP proxy server that opens a secure "tunnel" connection for testing between a Sauce Labs virtual machine or real device and a website or mobile app hosted on your local computer ("localhost") or behind a corporate firewall. It provides a means for Sauce Labs to securely access your application or website. 

Over last two years, our team has continually updated Sauce Connect with new features, security improvements, and critical bugs fixes related to functionality and performance, including:

  • Fixed file descriptor leaks

  • Mitigated unexpected crashes

  • Enabled support for Apple’s best practice for network security (App Transport Security - ATS) for sites/apps with self signed certificates

  • Improved PAC file parsing

  • Added validation of of command line inputs for tunnel and direct domains

  • Introduced use of certificates signed by a Certificate Authority (CA) rather than self-signed certificates in Sauce Labs internal tunneling infrastructure

  • Introduced OCSP certificate validation

  • Implemented application Notarization on MacOS - Catalina and newer require Sauce Connect client binary to be Apple notarized

To take advantage of all these improvements, we have been strongly encouraging customers to upgrade to the latest stable release - 4.6.2. The latest version has been in production without any known major issues.

To help improve the security posture of Sauce Labs and our users, we recently announced that we will discontinue support for older Sauce Connect versions. Our plan is to deprecate versions 4.5.0 and below on Dec 31, 2020 and versions 4.6.2.and below on March 31,  2021. These changes impact customers using old, standalone Sauce Connect binaries as well those using old the Sauce Connect binary prepackaged with our OnDemand Jenkins Plugin.

Update Process

Customers who are still using an outdated version of Sauce Connect should follow these steps to make the appropriate updates:

  • If you use an old, standalone Sauce Connect binary (version 4.5.0 or below) then please upgrade to Sauce Connect 4.6.2 or above from the following link. Test the new version in a development or staging environment by running some manual and automated tests. If you don’t notice any issues then please upgrade your production environment to the new version.

  • If you use an old Sauce Connect binary prepackaged with the Sauce OnDemand Jenkins plugin (versions 1.187 and below) then please use Jenkins system configuration to update to the latest OnDemand Jenkins plugin (or version 1.188 or higher).

Best Practice and Future Releases

We regularly ship new features and improvements with Sauce Connect client releases. We recommend that customers use the latest version of Sauce Connect released in the last three months and make routine updates to the Sauce Connect client. 

In 2021, we are planning to make several fundamental changes in Sauce Connect backend. These changes will necessitate discontinued support for all previous versions of the Sauce Connect client. In preparation for this change we strongly encourage customers to prepare and test processes for all of their environments (dev, stage, and production) that will give them flexibility to upgrade the Sauce Connect client on short notice.

Please contact support@saucelabs.com if you have any questions or need additional information.

Published:
Dec 2, 2020
Share this post
Copy Share Link
© 2024 Sauce Labs Inc., all rights reserved. SAUCE and SAUCE LABS are registered trademarks owned by Sauce Labs Inc. in the United States, EU, and may be registered in other jurisdictions.