Community

Pro prompts the user to accept the ArcGIS Server server's certificate despite having a Portal connection

780
3
Jump to solution
03-11-2020 03:15 PM
ZianChoy
by
Occasional Contributor
‎03-11-2020 03:15 PM

When I "Share a layer" in Pro 2.5 to a federated Portal, I get prompted to accept the certificate assigned to the Server computer that is federated with Portal. The pop up indicates that Pro is trying to talk to the fully-qualified domain name of the machine (e.g. ObscureJoke.datacenter.local) running Server.

I expected Pro to talk to Portal (not Server) and let Portal deal with the communications to Server because Portal and Server are federated. I also wasn't expecting a certificate prompt because the public Portal URL I gave Pro routes traffic through a connection that has a CA-signed certificate and that certificate works just fine with the right host name (e.g. example.firstwatch.net).

How do I convince Pro to stop trying to reach behind Portal's back? I don't want to tell all my Pro users to ignore SSL certificate prompts.

0 Kudos
1 Solution

Accepted Solutions
JonathanQuinn
by Esri Notable Contributor
Esri Notable Contributor
‎03-12-2020 11:08 AM

There is still client side traffic to Server. Your machine doesn't trust the certificate used for the admin URL in the federation. You can either import the certificate into the Trusted Root Certificate Authority store on your client machine, (which will only fix the problem on your machine) or use a certificate that your machines will trust by default, like a certificate signed by your domain signing authority or well known certificate authority.

View solution in original post

3 Replies
BenTurrell
by
Occasional Contributor III
‎03-11-2020 05:48 PM

Hey Zian Choy‌,

Have you imported the ssl certificates into ArcGIS Server?

Configure ArcGIS Server with an existing CA-signed certificate—ArcGIS Server Administration (Windows... 

The above link will walk you through the steps and should stop the ssl issues.

Thanks,

Ben

If this answer was helpful please mark it as helpful. If this answer solved your question please mark it as the answer to help others who have the same question.

JonathanQuinn
by Esri Notable Contributor
Esri Notable Contributor
‎03-12-2020 11:08 AM

There is still client side traffic to Server. Your machine doesn't trust the certificate used for the admin URL in the federation. You can either import the certificate into the Trusted Root Certificate Authority store on your client machine, (which will only fix the problem on your machine) or use a certificate that your machines will trust by default, like a certificate signed by your domain signing authority or well known certificate authority.

ZianChoy
by
Occasional Contributor
‎03-20-2020 09:17 AM

Thanks for the tip. I imported the certificate (public key only) into a coworker's computer and he was able to publish without getting the pop up.

0 Kudos