Community

Let's encrypt is nearly here. Does ArcGIS Online trust it?!

3907
1
11-27-2015 01:30 AM
ChrisAdams
by Esri Contributor
Esri Contributor
‎11-27-2015 01:30 AM

I can see a lot of Esri customers move to Let's encrypt in the near future. What is the trust level with the Esri products?

For example,

https://helloworld.letsencrypt.org/

If you look at the certificate path, you will see that the root CA is a DST Root CA:

Digging into the Portal keystore, this root certificate is not in there out of the box. In theory, if imported in to the keystore and any other components like ArcGIS for Server, there will be trust within a Portal deployment.

Browsers will trust it and import the root CA into the OS certificate store so client machines will have that trust.

What about ArcGIS Online? Can Esri let us know if this is/going to be a trusted certificate within the ArcGIS Online keystore?

1 Reply
ChrisAdams
by Esri Contributor
Esri Contributor
‎02-14-2016 02:23 AM

After testing, I have found that ArcGIS Online does trust the Let's Encrypt certificate. The proxy can embed credentials for secured services.