Enviro: ArcGIS Server 10.2.2
When I add a secured layer from my server to AGO Content, it asks for credentials, but it doesn't actually store them. I can confirm that I can add a secured service from another company's server and it prompts to save the credentials.
The differences I see are that ours are httpS and theirs is just http. We also had the site locked down at the root level instead of being secured at the service level. (I tried switching this to being open at the server level and secured at the service level, but it did not seem to fix the issue.
The only thing I can think of is that it may not be fully trusting our certificate. We have a real certificate, not a self signed one, but if you click the lock in chrome, it says that the "identity has not been verified".
Can others verify that they are able to add httpS secured services with credentials to AGO? Has anyone ran into this problem?
My service (httpS) not saving credentials.
Other company service (http) saving credentials.
Chrome security info: (verified by our Company Corporate CA)
Solved! Go to Solution.
The URL should be HTTPS. It sounds like you have a certificate problem. Who is your certificate provider? There are sites that can report errors on SSL, like this one:
https://www.sslshopper.com/ssl-checker.html
Also, only ArcGIS Server Token based security is supported, not web tier.
Hope this helps,
Mike
The URL should be HTTPS. It sounds like you have a certificate problem. Who is your certificate provider? There are sites that can report errors on SSL, like this one:
https://www.sslshopper.com/ssl-checker.html
Also, only ArcGIS Server Token based security is supported, not web tier.
Hope this helps,
Mike
Pretty sure this is the issue. I've got my network guys on it. We put an internal cert issued on the internal webserver, but I'm not sure they setup the cert on the external server correctly. That ssl checker showed some errors so we'll see what happens when we get that cleared up.
Apparently our proxy server only supports SHA1 and the cert they gave us uses SHA2. Waiting to try it out once that gets fixed.
We got a new SHA1 certificate b/c we couldn't just upgrade our proxy to handle SHA2. As soon as we got everything in place with a full chain, it started working. Thanks, Mike Minami
So...
Credentials CAN BE stored if:
But CANNOT BE stored if: