I installed ArcGIS Monitor 10.8 with 444 for my local port.
I converted my local CA pfx file to a public and private pem file. My pfx file works for ArcGIS Portal and Server.
I put these public and private pem files to ArcGIS Monitor install_path\Server\ssl folder and config ArcGIS Monitor to use them.
However, Monitor Page within Chrome still has a warning message which indicates the certificate is invalid.
I compare it with the certificate within the Portal page, they look like the same.
Any idea? Thanks.
Hi Bing - how were you able to convert your pfx file to pem files? We have a Sectigo CA wildcard cert that contains a root and intermeditate certificates, but I've never been able to get the pfx to convert all levels. In your case, I think you need to create a DNS entry for the server hosting Monitor? I can see a port number in your url: .com.au:444
Your cert was issued from a internal CA and it is not trusted, so you need to import the root for your internal CA into the cert store used by arcgis monitor. Many of the more common root CA are already preinstalled in the cacerts file. You can use keytool.exe in the folder C:\ArcGIS Monitor\framework\runtime\jre\bin to see what root certs are pre installed and explore some other things. Lots of documentation on this tool.
Export the root cert for your internal CA from your browser to C:\temp\PKICorpRootCA.cer. the export file format should be Base 64 encoded x.509
These are the ROOT CA I have as shown in Chrome browser
You could also just export the root CA to file from the certification Path *******SDCP01-CA you show in you initial posting. Whatever works for you.
Example to import the root cert from the file C:\temp\PKICorpRootCA.cer from your internal CA:
cd C:\ArcGIS Monitor\framework\runtime\jre\bin
keytool -import -trustcacerts -keystore "C:\ArcGIS Monitor\framework\runtime\jre\lib\security\cacerts" -storepass changeit -alias pki_root -file C:\temp\PKICorpRootCA.cer
Thats my guess!