SSL Webapps

3826
4
Jump to solution
08-20-2015 11:42 AM
IgorBalotsky1
Occasional Contributor

I currently have a Portal environment that is using SSL only. I also went into My Organization > Security > Allow access to the portal through SSL only checkbox checked. However after I create a new WebApp the URL is set to HTTP and when I go to edit it and try to change the URL manually, the changes don't stick and revert to HTTP even though I am the administrator and owner of this web mapping application.

The only way to get around it is ask the users to manually change the URL to HTTPS which is a big burden. The interesting part is that webappbuilder opens in HTTPS.

Any way around this or do we need to wait until 10.4?

Thanks,

Igor

0 Kudos
1 Solution

Accepted Solutions
GregAnspach
New Contributor II

I came across this problem as well.  The only solution that worked for us was do an 'Add Item -> Application' in My Content.  Then point the URL to the correct https link instead of http and share this new application instead of the webapp.  The end user will see no difference...

Hope that helps!

View solution in original post

4 Replies
PaulDavidson1
Occasional Contributor III

There's an existing thread that seems related:

Re: Adding unsecured services

and from that, it appears the only option is to set security on the AGS to "HTTP and HTTPS" ?

I am pretty sure that at the UC and the installation and admin docs, Esri has made it clear that SSL is the way to go.

I believe the statement in a session on Portal administration was something to the effect of:  "We used to say the Best Practice was to use HTTPS and SSL.  Now we are saying it is the required practice."

I sure hope there's a solution for this!

I am busy building up a Portal with only https/ssl like yours because Geo Net has indicated that's the best way to get WAB to work with services behind firewalls.

0 Kudos
ChadKopplin
Occasional Contributor III

Do you only have one web adaptor instance set up?  It sounds like you may have one and the default is a local instances that is more than likely unsecured.  In IIS you will need to create a secure web site, with binding set to 443.  Once you have this set up, then you can point a new web adaptor instance to this secured site, then the HTTPS should hold.  I am not certain.  Thank you.

IgorBalotsky1
Occasional Contributor

I checked my server and I only have 1 web adaptor on port 443 - the IIS is also configured for 443 only as well. Everything is working fine on the Portal on SSL except after you create a new web app and try to access the URL in .../webappviewer/* it's somehow setting the URL to start with http:// and when I try to edit the URL the changes don't stick although the web app works fine on https if typed in manually.

0 Kudos
GregAnspach
New Contributor II

I came across this problem as well.  The only solution that worked for us was do an 'Add Item -> Application' in My Content.  Then point the URL to the correct https link instead of http and share this new application instead of the webapp.  The end user will see no difference...

Hope that helps!