Version:12.1.6 Build:224 - We’re in the process of reviewing the encryption level we’re using in our Active Directory environment. The servers where we run Web Viewer showed usage of an outdated encryption scheme. Unfortunately, the alert did not go into much detail beyond that. We have started looking for the root cause. Does the Web Viewer product (or features) have/use any calls to the Active Directory?
Release : 12.1
Outside of LDAP (which this customer is not configured to use), the 12.1 Web Viewer does not use any calls to the Active Directory. Also checked whether CCI is using SSL/TLS. From the customer server.xml, it appears as though they are not using SSL/TLS from Tomcat either.