cas 7.3.0 - encryption warning

[rotts]

I am seeing this in my cas.log.
Not sure what setting in cas.yml I would change for this.

2025-11-05 13:26:46,958 WARN [org.apereo.cas.util.function.FunctionUtils] - <Invalid key for dir with A256CBC-HS512, expected a 512 bit key but a 256 bit key was provided.
JsonWebTokenEncryptor.java:encrypt:83
BaseStringCipherExecutor.java:encryptValueAsJwt:186
BaseStringCipherExecutor.java:lambda$encryptAndSign$8:302
FunctionUtils.java:lambda$doIf$3:110
>

[Ray Bon]

You have some old config. The newer version of cas is using longer keys. Generate new keys with the expected bit length. 

You could try setting the key length, but it has not worked for me.

Ray

---

From: 'rotts' via CAS Community <cas-...@apereo.org>
Sent: November 5, 2025 11:37
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] cas 7.3.0 - encryption warning

 

--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e73c1cca-425f-4917-9920-4f348ee0cefdn%40apereo.org.