Can Portal be configured without CA certificate?

03-12-2020 11:15 AM
New Contributor III

Hi Friends, I have installed Portal for ArcGIS but I need configure it. Would there be any way to configure Portal for ArcGIS without needing a CA certificate? 

Thanks and Regards! 

0 Kudos
2 Replies
Esri Notable Contributor

Certificates are primarily about trust, (aside from certificate mismatch and expired certificate related problems). If you want to use a self-signed certificate, any clients need to trust the certificate, for example by importing the certificate into the trusted root certificate store. Since all clients need to explicitly trust self-signed certificates, the recommendation is to use a certificate from a well-known certificate authority, or a certificate signed by your domain signing authority.

Esri Contributor

Hi Ángel Daniel Suárez Calero‌, 

The underlying reason for using trusted CA signed certificate over self signed certificate that comes with the portal, is that the trusted signature provides a security mechanism that allows a client application to verify the identity of the server it is talking to - thereby mitigating against unauthorised interception of client communication. Any certificate errors seen when using Self Signed certificates is a side effect of security mechanism being violated. All of Esri's documentation strongly recommends the use of CA certificates, an example can be found here -Import a certificate into the portal—Portal for ArcGIS (10.7 and 10.7.1) | Documentation for ArcGIS ....  I hope this has helped answer your question.