Can I use an AWS SSL with ArcGIS Enterprise?

1627
4
Jump to solution
12-28-2020 01:11 PM
MikeSchonlau
Occasional Contributor III

Does anyone know if I can deploy ArcGIS Enterprise 10.8.1 on AWS using either Cloud Builder or a CloudFormation template and an AWS SSL certificate? We did this with a stand-alone ArcGIS Server Cloudformation deployment a few years ago. Wondering if it is supported with ArcGIS Enterprise? 

 

Thanks

Mike S

1 Solution

Accepted Solutions
by Anonymous User
Not applicable

Hi Mike

If you want to use the Cloudformation template, you have to modify the existing template by removing the certificate validation and userData section to allow the template to skip this part. Luckily the chef script could handle if no SSL provided when it setup IIS.

Regards,

Bing

 

View solution in original post

4 Replies
SamLibby
Esri Contributor

I assume you are referring to ACM when you say 'AWS SSL Certificate"?

I believe the way the CloudFormation templates work now, they expect you to have a certificate file provided. You could then later add an Application Load Balancer with an Amazon (ACM)-managed Certificate, if you wanted to switch to using that, but I don't think there is a way to roll one CF template that includes an ACM cert. 

MikeSchonlau
Occasional Contributor III

Hi Sam

Yes - ACM. I've already done this successfully last year with stand-alone ArcGIS Server and Cloudformation. I had to create the Load Balancer first using the Cloudformation template and the ARN of my ACM cert, then I was able to reference the load balancer and leave the cert out of the Cloudformation template for the stand-alone ArcGIS Server site. That setup has been running in production for about 18 months now.

I was wondering if I could do the same thing with Enterprise. I may just need to try it. Thanks for the feedback

by Anonymous User
Not applicable

Hi Mike

If you want to use the Cloudformation template, you have to modify the existing template by removing the certificate validation and userData section to allow the template to skip this part. Luckily the chef script could handle if no SSL provided when it setup IIS.

Regards,

Bing

 

JoeHershman
MVP Regular Contributor

Did you find a good solution for this?  I have never looked into these tools previously.  I find it rather odd that the toolsets for using AWS aren't built around the idea of using Certificate Manager. 

Thanks,
-Joe
0 Kudos