000033094 - RSA Archer Job Engine makes outbound requests to Akamai servers

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033094
Applies ToRSA Product Set: Archer
RSA Product/Service Type: Archer
RSA Version/Condition: Any
IssueNetwork logs show ArcherTech.JobFramework.Job processes making a large number of outbound requests to external servers registered to Akamai. Is this the expected behavior?
Akamai is a content hosting service that hosts certificate revocation lists. When the Archer Job Engine makes calls through HTTPS, it also makes calls to Akamai to check for certificate revocation.
ResolutionTo prevent the external calls to Akamai you can do the following:
Disable CRL checking for the user account running job engine. Note that this does NOT disable signature verification--the signing cert is still matched against the trusted root store and must be valid.
HKEY_USERS[SID of user account running Job Engine]\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
Change State from 23c00 (default, checking enabled) to 23e00 (checking disabled)
To find the Security ID (SID) of the user account running the job engine, you can use the command line as described in this link:
http://www.windows-commandline.com/get-sid-of-user/

Attachments

    Outcomes