While at a client site installing and configuring ArcGIS Monitor, I needed to set up the ArcGIS Monitor Reporting Server with the client’s SSL Domain Certificate for the server so that no security error would be thrown when accessed. I was given the certificate in the PFX format (binary format for storing the server certificate, intermediate certificates, and the private key) common to Windows and readily imported by IIS. ArcGIS Monitor does not use IIS and requires that the Certificate and Private key be in separate files and in PEM format (Base64 encoded ASCII files).
Here are the steps I used to move from the single PFX file to the two PEM files required by ArcGIS Monitor Server.
- Download/Install OpenSSL software on an available workstation (For information on OpenSSL please visit: www.openssl.org)
- Open a command window and navigate to the PFX file location
- Extract the Public/Private key-pair
- Extract the Certificate
- Get the Private Key from the key-pair
- The private key needs to be converted to pkcs8 format ***Copy the output and save it as sample_private_pkcs8.pem***
- Copy the sample_private_pkcs8.pem and sample_cert.pem files to the <Installation location>\ArcGIS Monitor\Server\ssl directory on the ArcGIS Monitor Report Server.
- Start ArcGIS Monitor Administrator - the Connections view appears.
- Click the File menu and click Open - the Open File dialog box appears.
- Browse to the <Installation location>\ArcGIS Monitor\Server\settings directory on the machine where ArcGIS Monitor Server is installed, click config.db, and click Open.
- Click Server on the main menu - the Server configuration pane appears.
- Click the Private Key browse button - browse to and choose the sample_private_pkcs8.pem file and click Open.
- Click the Public Key browse button - browse to and choose the sample_cert.pem file and click Open.
- Click the File menu and click Save to save your changes.
- Click the File menu and click Close to return to the Connections view.
- Right-click the ArcGIS Monitor Server service in the Windows Services manager and click Restart.
- The result is a secure connection to the ArcGIS Monitor Report Server