000033094 - Outbound requests made to Akamai servers from RSA Archer Job Engine

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Sep 17, 2019
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000033094
Applies ToRSA Product Set: Archer
RSA Product/Service Type: Archer
IssueNetwork logs show ArcherTech.JobFramework.Job processes making a large number of outbound requests to external servers registered to Akamai. Is this the expected behavior?

Akamai is a content hosting service that hosts certificate revocation lists. When the Archer Job Engine makes calls through HTTPS, it also makes calls to Akamai to check for certificate revocation.
ResolutionTo prevent the external calls to Akamai you can do the following:
  1. Disable CRL checking for the user account running job engine. Note that this does NOT disable signature verification.  The signing cert is still matched against the trusted root store and must be valid.
  2. In the Registry Editor, navigate to HKEY_USERS[SID of user account running Job Engine]\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing.
  3. Change State from 23c00 (default, checking enabled) to 23e00 (checking disabled)

Use the steps in the article to find the Security ID (SID) of the user account running the job engine via command line.

Attachments

    Outcomes