Renew a certificate (Azure Cloud Builder 10.8)

Hi, thanks for responding.

I hope I'm not getting confused between 10.7.1 and 10.8, but I 'think' when I added the certificate in Cloud builder on the first install it configured everything.

My certificate is now due to expire and I'm not sure where or how to renew as there are a lot of components involved.

Does that make sense?

Hey there Tony,

   I think I understand what you are asking. So typically in an enterprise deployment there are three-five places you can look at to import your new certificate. 

   Each major component, ArcGIS Enterprise Portal, ArcGIS Server, and ArcGIS DataStore, by default uses a self signed cert. An environment will work with these, but best practices is to replace these with a CA signed cert for production. Best thing for you to do is to go to the locations of each listed below and see if its using self signed or not. If you find the self signed, I would leave it alone, otherwise replace them with your new certs:

• ArcGIS Portal
• ArcGIS Server
• ArcGIS DataStore

Since azure uses IIS rewrite rules, you are most likely not using web adaptors. As such, you may have to import the cert directly into the V2. I looked around for a way to do this and found this article (https://docs.microsoft.com/en-us/answers/questions/51336/appgateway-v2-certificate-issue.html) ((Not an esri component, so I would double check my work here))

Hi Jon,

Thank you very much for your response. 

When I look at the SSL Certificate(s) on both Portal and Server (single tier), each one has an issuer value of the Azure VM url e.g. [vmname].internal.cloudapp.net so I assume this means Portal and Server are both using a self-signed cert?

If this is the case, does it mean I would only need to look at renewing the certificate on the App Gateway https listener? 

Thanks again