I've deployed an ArcGIS Enterprise setup to Azure, and now I'm trying to install a CA-issued certificate so that the services can be accessed via HTTP without warnings. While Esri provides good documentation on how to install the certificate here, they provide no guidance on how to obtain the certificate, other than that I'm supposed to magically obtain a .pfx file somehow.
My initial attempts have led me to a couple of roadblocks:
Does anyone have any guidance on how to obtain a CA-issued certificate for ArcGIS Enterprise on Azure?
I had similar frustrations, as I too am using a Comodo issued certificate... Both documentation and tech support seemed to lack clear details of the azure/web adapter arrangement. Ultimately I was unable to get a certificate issued for the azure dns name of my ArcGIS Enterprise azure vm ([your dns name].[location].cloudapp.azure.com) as you mentioned in roadblock 1, as we obviously don't have control over the DNS server for said domain... A definite bummer as it would be great if you could create standalone ArcGIS Enterprise sites on azure without the need for a registered name.
In the case that you do have a domain of your own (or subdomain which is my case, I happen to also host my subdomain DNS with Azure DNS service, but most DNS providers have the same functionality) the instructions are still unclear. I pointed my (sub)domain to my [your subdomain].[location].cloudapp.azure.com address via a CNAME in my DNS record. A good article describing the process and more generally "DNS for noobs" (me) available here Install a CA-issued certificate—ArcGIS Enterprise | ArcGIS Enterprise . Though this article refers to Azure "Web Sites" think of them as synonomous with your Azure ArcGIS VM and replace their references to [your subdomain].azurewebsites.net with your [your subdomain].[location].cloudapp.azure.com
Anywho, back to getting the certificate issued, the steps below obviously won't get you a cert for your azure name, but it may help someone who is trying to get their site on Azure to function using a cert for a domain/subdomain they own. These steps presume you are using some form of CNAME records on the DNS of your choice to point your chosen domain to your azure domain:
Voila! when I visit gis.contoso.com, my URL doesn't switch to the azure provided domain name, and my browser is happy with the name on my CA issued certificate. All is well in my world.
This may not get at exactly what you are looking for, but I still hope it helps you or someone else who is struggling with getting things up and running on Azure. I'm new to Azure, and would have much preferred to deploy to AWS due to my experience with the platform, but this current project dictated I use Azure, and after the few initial glitches, I can say I'm actually very satisfied with how easy it's been to maintain. The ArcGIS Cloud Builder for Azure sure made things seeeeeeem simple, but in retrospect, I should have probably just grabbed an esri image from the marketplace and set things up myself... I would have likely figured out the glitches faster than staring at the pretty UI and expecting things to just happen Cheers and good luck