search cancel

Evaluaterisk request working even after the Cert expired

book

Article ID: 203138

calendar_today

Updated On:

Products

CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort) CA Strong Authentication CA Rapid App Security CA Risk Authentication CA Advanced Authentication

Issue/Introduction

Hi Folks,

We have noticed that even after enabling the native SSL port the regular transactions for the users are working fine even though we noticed the Cert expiry message in arcotafm.log file, we wanted to check if there are any additional configurations which is making this successful.

Thanks

 

Environment

Release : 9.0

Component : AuthMinder(Arcot WebFort), Arcot Riskfort

Resolution

In case of LDAP+RISK flow the Risk evaluation is done by the State Manager and we looked at the arcotsm.properties file which was configured for non SSL port and that is why all the user transactions were working just fine. Risk is done through the State Manager in case of LDAP auth + Risk or User Risk evaluation + LDAP password authentication.

State Manager is an internal component so it is fine to have it configured for non SSL port with Risk server.