We have installed our CA-signed certificate at the IIS web server level and it is successfully bound to HTTPS port 443. Then, following the best practices document, we have configured both Portal and ArcGIS Server with the same CA-signed certificate.
These are the same steps we have followed every year when the certificate renewal was necessary.
Recently (last week), we discovered that Apple devices (iPads, Macs...) were not connecting to our web services. Users received the "connection not private" error message and then would refuse to connect. The interesting part is that when we look at the certificate from the URL on those devices, it is referencing our CA-signed certificate that is valid?
Any internal network user or application has no problem connecting to our REST services, and testing outside of the network from home or mobile (non-Apple) devices has no problem connecting. Only those users with Apple devices have the connection problem?
We will work with our IT staff to get updated root and intermediate certificates and then add those to our Portal and Server sites - see if that fixes the problem for our Apple users.
Just curious if anyone else is seeing this problem with Apple users.
Some devices, apps, or operating systems are stricter with SSL/TLS validation.
Try testing your portal/server domains with an SSL checker like SSL Labs.
You might have an incomplete or incorrectly installed intermediate/root certificate chain on the web server that your end users are terminating to. While most devices and apps handle this fine, stricter systems may run into issues.
Thank you TimoT for the response, that was actually right on or very close to what we discovered.
After explaining the problem with our IT Network group, they took a closer look at the proxy server and discovered it had an older, but still valid certificate. It didn't match the one from our ArcGIS Server.
Long story short, network staff replaced the certificate on the proxy with the same one that is on our GIS server and "wallah" all devices now trusted our site. Problem solved.
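
A check for the two causes raised in this thread (a hop serving a different certificate than the GIS server, and a chain that a strict client rejects), as an added example that is not part of the original posts. The hop labels, addresses and hostname are hypothetical; Python's default TLS validation stands in for the strict client because it does not download missing intermediate certificates.

```python
import hashlib
import socket
import ssl


def probe(address, sni, port=443, timeout=5.0):
    """Handshake with address:port using SNI `sni`; report what a strict client sees."""
    result = {"sha256": None, "verify_error": None}
    strict = ssl.create_default_context()  # system trust store, hostname check on
    try:
        with socket.create_connection((address, port), timeout=timeout) as sock:
            with strict.wrap_socket(sock, server_hostname=sni):
                pass
    except ssl.SSLCertVerificationError as exc:
        result["verify_error"] = exc.verify_message
    # Second, non-validating handshake: inspection only, to read the leaf as served.
    lax = ssl.create_default_context()
    lax.check_hostname = False
    lax.verify_mode = ssl.CERT_NONE
    with socket.create_connection((address, port), timeout=timeout) as sock:
        with lax.wrap_socket(sock, server_hostname=sni) as tls:
            der = tls.getpeercert(binary_form=True)
    result["sha256"] = hashlib.sha256(der).hexdigest()
    return result


def compare_hops(hops, sni, probe_fn=probe):
    """hops maps a label to an address. Returns (per-hop results, findings)."""
    results = {label: probe_fn(addr, sni) for label, addr in hops.items()}
    findings, by_print = [], {}
    for label, res in results.items():
        by_print.setdefault(res["sha256"], []).append(label)
        if res["verify_error"]:
            findings.append(f"{label}: strict validation fails ({res['verify_error']})")
    if len(by_print) > 1:
        groups = " vs ".join("+".join(labels) for labels in by_print.values())
        findings.append(f"different leaf certificates served: {groups}")
    return results, findings


if __name__ == "__main__":
    # Hypothetical addresses: the public proxy name and the internal GIS host.
    hops = {"proxy": "gis.example.com", "arcgis-server": "10.0.0.20"}
    for line in compare_hops(hops, sni="gis.example.com")[1] or ["all hops consistent"]:
        print(line)
```

Run it from a machine that can reach every hop directly, passing the public hostname as `sni` so each hop selects the same site binding.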