ArcGIS Data Store and Portal admin URL using DNS

438
2
09-16-2019 02:32 AM
Highlighted
Esri Contributor

Hi,

I have a customer I am setting up ArcGIS Enterprise 10.7.1 for.

Customer wants to use DNS alias based admin URLs for ArcGIS Server, Portal and Data Store. I could achieve this for  Server but I am not sure how I can force ArcGIS Server to register the Relational Data Store over the DNS based URL rather than FQDN of the server. e.g. use https://datastore.portal.company.com:2443/arcgis instead of https://server1234.domainname.com:2443/arcgis 

Even if I launch the Data Store URL as https://datastore.portal.company.com:2443/arcgis for the configuration, ArcGIS Server still registers it as https://server1234.domainname.com:2443/arcgis

Same thing for ArcGIS Portal. I want to use DNS alias based admin URL e.g. https://gis.portal.company.com:7443/arcgis instead of https://server9999.domainname.com:7443/arcgis using privatePortalURL. But this seems to be possible only if there is a third party load balancer as explained in Configure a highly available portal—Portal for ArcGIS (10.7 and 10.7.1) | ArcGIS Enterprise . Attempting above causes https://gis.portal.company.com:7443/arcgis to redirect to https://server9999.domainname.com:7443/arcgis

Also, is there a way to configure Data Store to use domain certificates including root and intermediate certificates? As per Replace ArcGIS Data Store SSL certificate—Portal for ArcGIS (10.7 and 10.7.1) | ArcGIS Enterprise I can only specify pfx file. How do I register root and intermediate certificates like ArcGIS Server?

Thanks in advance.

-Vish

Tags (3)
2 Replies
Highlighted
Occasional Contributor

Regarding Portal, is there anything stopping you from simply editing the federation urls (e/.g. private portal url) to https://dnsalias.domain.com...? You may find you also need to define the webcontexturl for Portal. I would be testing these configurations in a QA environment first as you will likely have to unfederate & federate several times to see which configuration provides the desired output.

Regarding datastore, I also have these questions.

Reply
0 Kudos
Highlighted
New Contributor III

You would add your intermediate and root certificates to the appropriate certificate store on the machine that you are using the certificate on.  Just the same way you would add them if you used that certificate for IIS.