We're looking to eliminate all SHA1 encrypted traffic in our infrastructure componenets. Does DCRUM use SHA1- based SSL certificates in communications between the DCRUM components.
Answer by Chris V. ·
In 12.3, the default SSL mode was changed to support TLS1.2 cipher suites (disabling older less secure ones), so the CAS/ADS/RUMC/CSS will negotiate a TLS1.2 connection with your browser, I regularly see it using ECDHE/AES128/SHA256 session encryption.
The out of the box certificates* however are signed with SHA1. The signature algorithm used on the certificate ha no bearing on the quality of the session encryption used.
*you should really be generating your own not relying on the out of the box certificates.