> 1. Within Portal under My Organization --> Edit Settings, do you have the box checked to only use SSL?
Yes, SSL only. No Anonymous Access.
> 2. Within the Administrator Directory of ArcGIS for Server, under the Security section
> have you specified HTTP Only, HTTPS Only, or HTTP and HTTPS? Additionally, under
> the Machines section have you imported the same security certificate and specified it for
> your AGS machine (if not using self-signed in IIS)?
Oops. I think this question points to my problem. This server was a test server for ArcGIS Server 10.2 and geoevent processor. ArcGIS server is running on HTTP; geoevent processor is using HTTPS. I also use ArcGIS built-in user store. I installed Portal for ArcGIS and a web adapter on top of them. I enabled SSL on Portal and IIS only.
> 3. Within IIS, do you have a security certificate bound to the website under which your web
> adaptor(s) exist? Are you using a web adaptor for ArcGIS for Server whatsoever?
I did follow Portal help file to setup a web adapter with a security certificate. But that is a web adapter for Portal. I don't have a web adapter for ArcGIS server.
> 4. If you are using a CA-signed certificate (i.e., not self signed), does the NAME property for the
> certificate use the Fully-Qualified Name (FQN) of the host?
No. I don't have a CA-signed certificate.
> On another note, are you running the ArcGIS for Server Windows Service as a local account or
> a domain account? Does that account have full permissions on the 'arcgisserver' directories?
A local account. It does not have the permission on the 'arcgisserver' directories.
Thank you for your advice. I shouldn't put all those components in one server with different security configurations. I plan to purge my test server and rebuild it again.
Thank you for your help.
Luke