Problems adding external WMS reference (Spain Catastro) in Portal

170
2
Jump to solution
11-03-2022 04:04 AM
Labels (2)
RafaEsteveMartínez
New Contributor II

Hi.

We are trying to add some external references to public WMS services inside our portal (using New Item | URL).

When adding one of them, from the Spanish Catastro (https://ovc.catastro.meh.es/Cartografia/WMS/ServidorWMS.aspx), Portal shows an error message saying "error connecting to service". The log shows a couple of Severe error messages, saying:

We have no problems with other WMS services, and we can add the Catastro WMS service as a service connection in an ArcGIS PRO project.

According to Fiddler, the web request that is failing (with a "500 - Internal Server Error" code) is this one that gets launched by the item adding process:

https://our.server/portal/sharing/proxy?https://ovc.catastro.meh.es/Cartografia/WMS/ServidorWMS.aspx?SERVICE=WMS&REQUEST=GetCapabilities 

Our DevOps people has tried the solution listed here (different problem, similar symptoms), but the error is still there.

Is there some way of checking that the certificates are working with Portal as they should?

Considering we are not sure the certificates solution is attacking the source of the problem, can we try some other thing in order to connect to this service?

We are using ArcGIS Enterprise 10.9.1 (build 28388).

Thanks

Tags (2)
0 Kudos
1 Solution

Accepted Solutions
JeffSmith
Esri Contributor

Yes, I think the issue you are seeing is related to the certificate not being trusted.  An easy way to check that is to use the checkUrl endpoint in the Portal sharing api (assuming HTML access is enabled).
https://our.server/portal/sharing/rest/portals/checkUrl

This will tell you if the certificate for that url is trusted or not.  Assuming it is not trusted, you may need to import both the root and intermediate certificate for the CA that signed the certificate.  Portal will need to restart after importing these certificates.  Once restarted, use the checkUrl endpoint again to confirm it is trusted.

To get copies of those root and intermediate certificates, the easiest way is to use Chrome or Edge to view the details of the certificate and you can export each one from there.

View solution in original post

2 Replies
JeffSmith
Esri Contributor

Yes, I think the issue you are seeing is related to the certificate not being trusted.  An easy way to check that is to use the checkUrl endpoint in the Portal sharing api (assuming HTML access is enabled).
https://our.server/portal/sharing/rest/portals/checkUrl

This will tell you if the certificate for that url is trusted or not.  Assuming it is not trusted, you may need to import both the root and intermediate certificate for the CA that signed the certificate.  Portal will need to restart after importing these certificates.  Once restarted, use the checkUrl endpoint again to confirm it is trusted.

To get copies of those root and intermediate certificates, the easiest way is to use Chrome or Edge to view the details of the certificate and you can export each one from there.

RafaEsteveMartínez
New Contributor II

Solved: the problem was that we didn't import the intermediate certificate. Once done, everything worked like a charm!!

Thanks

0 Kudos