Portal - HTTPS only

2783
4
02-06-2017 04:11 AM
TB2
by
New Contributor

Hi everyone,

I am having a huge headache with my Portal. I hope you can help me in finding a solution.

I've installed Portal for ArcGIS Server 10.4 (Windows) and the portal is working very well with http, but not with https.

What I did so far (according to this instruction: http://server.arcgis.com/en/web-adaptor/latest/install/iis/enable-https-on-your-web-server-server-.h...😞

 

If I click “Advanced” > "Go on to https://webadaptor.domain.com/ (unsecure)", I see the sign in mask, but:

I’ve cleared the browser cache multiple times. Is there a Portal cache that needs clearing?

Here are settings from Portal’s Security Settings:

"Allow Access to the Portal through https only" is checked

"Allow anonymus access to your portal" is unchecked

 

And from the Portal Administrator Directory (Home > System > Web Adaptor):

 

The ports used by Portal are allowed (see Ports used by Portal for ArcGIS—Portal for ArcGIS (10.5) | ArcGIS Enterprise )

To sum up, I don't know why https is unsafe. Who can help me solving this problem ?

Any help is highly appreciated. Thanks in advance!

Regards,

TimBuktu

0 Kudos
4 Replies
JonathanQuinn
Esri Notable Contributor

This isn't related to with Portal, but your certificate and IIS.  The problem is that your browser doesn't trust the root certificate issuer for the certificate you're using for the 443 binding in IIS.  You mentioned it's a domain certificate, so it's likely that the machine you're on doesn't trust the domain root certificate.  Verify if your root certificate is in the trusted root certificate store and if it isn't, import it.  You can always just ignore the error, as it's more annoying than problematic in most cases, but that's not a user-friendly experience.

MaxineMusterfrau
New Contributor II

Hi JQuinn-esristaff,

I have exactly the same problem (Windows-Server 10.4, Portal 10.5). My connection is also not secure, but I use a self-signed certificate at the moment (“Issued To” and “Issued By” have got the same name).

Do I have to use mandatory a domain certificate to solve this problem? (And verify afterwards that the domain certificate is in the trusted root certificate store. See your links in the comment above)

 

Thanks for your help.

0 Kudos
JonathanQuinn
Esri Notable Contributor

If this is a sandbox/testing environment, self signed certificates can be OK, but again, it's more of an annoyance to always need to proceed through the cert warning.  You'll need to use a certificate that your machine trusts.  Typically, machines within a certain network will already trust the domain root certificate, if there is a domain certificate authority.

MaxineMusterfrau
New Contributor II

Ok, I think I got it now. Thanks so much for all your help!

0 Kudos