When I "Share a layer" in Pro 2.5 to a federated Portal, I get prompted to accept the certificate assigned to the Server computer that is federated with Portal. The pop up indicates that Pro is trying to talk to the fully-qualified domain name of the machine (e.g. ObscureJoke.datacenter.local) running Server.
I expected Pro to talk to Portal (not Server) and let Portal deal with the communications to Server because Portal and Server are federated. I also wasn't expecting a certificate prompt because the public Portal URL I gave Pro routes traffic through a connection that has a CA-signed certificate and that certificate works just fine with the right host name (e.g. example.firstwatch.net).
How do I convince Pro to stop trying to reach behind Portal's back? I don't want to tell all my Pro users to ignore SSL certificate prompts.
Solved! Go to Solution.
There is still client side traffic to Server. Your machine doesn't trust the certificate used for the admin URL in the federation. You can either import the certificate into the Trusted Root Certificate Authority store on your client machine, (which will only fix the problem on your machine) or use a certificate that your machines will trust by default, like a certificate signed by your domain signing authority or well known certificate authority.
Hey Zian Choy,
Have you imported the ssl certificates into ArcGIS Server?
The above link will walk you through the steps and should stop the ssl issues.
Thanks,
Ben
If this answer was helpful please mark it as helpful. If this answer solved your question please mark it as the answer to help others who have the same question.
There is still client side traffic to Server. Your machine doesn't trust the certificate used for the admin URL in the federation. You can either import the certificate into the Trusted Root Certificate Authority store on your client machine, (which will only fix the problem on your machine) or use a certificate that your machines will trust by default, like a certificate signed by your domain signing authority or well known certificate authority.
Thanks for the tip. I imported the certificate (public key only) into a coworker's computer and he was able to publish without getting the pop up.