Hi,
I have a customer I am setting up ArcGIS Enterprise 10.7.1 for.
Customer wants to use DNS alias based admin URLs for ArcGIS Server, Portal and Data Store. I could achieve this for Server but I am not sure how I can force ArcGIS Server to register the Relational Data Store over the DNS based URL rather than FQDN of the server. e.g. use https://datastore.portal.company.com:2443/arcgis instead of https://server1234.domainname.com:2443/arcgis
Even if I launch the Data Store URL as https://datastore.portal.company.com:2443/arcgis for the configuration, ArcGIS Server still registers it as https://server1234.domainname.com:2443/arcgis
Same thing for ArcGIS Portal. I want to use DNS alias based admin URL e.g. https://gis.portal.company.com:7443/arcgis instead of https://server9999.domainname.com:7443/arcgis using privatePortalURL. But this seems to be possible only if there is a third party load balancer as explained in Configure a highly available portal—Portal for ArcGIS (10.7 and 10.7.1) | ArcGIS Enterprise . Attempting above causes https://gis.portal.company.com:7443/arcgis to redirect to https://server9999.domainname.com:7443/arcgis
Also, is there a way to configure Data Store to use domain certificates including root and intermediate certificates? As per Replace ArcGIS Data Store SSL certificate—Portal for ArcGIS (10.7 and 10.7.1) | ArcGIS Enterprise I can only specify pfx file. How do I register root and intermediate certificates like ArcGIS Server?
Thanks in advance.
-Vish
Regarding Portal, is there anything stopping you from simply editing the federation urls (e/.g. private portal url) to https://dnsalias.domain.com...? You may find you also need to define the webcontexturl for Portal. I would be testing these configurations in a QA environment first as you will likely have to unfederate & federate several times to see which configuration provides the desired output.
Regarding datastore, I also have these questions.
You would add your intermediate and root certificates to the appropriate certificate store on the machine that you are using the certificate on. Just the same way you would add them if you used that certificate for IIS.