We have recently upgraded to ArcGIS for Server 10.3 (Workgroup Standard), and are attempting to get Portal set up as well. The ESRI documentation indicates that using a 'Self-signed SSL certificate' should be used only for initial set-up and testing, and that we should be using a 'CA-signed certificate' or a 'Domain certificate'.
I have been working with our IT dept. and they have attempted to get a 'CA-signed certificate', but were unable to complete the process because the web server that we are using is completely internal to our organization (i.e. domain.local), and because of this the CA is unable to process the request (they are wanting a .com/.net address). Further, our IT dept. is unsure of what a 'Domain certificate' is or how to create one.
Currently everything seems to be working with the 'Self-signed certificate' in place, so my questions are as follows:
- Are there any reasons we cannot continue to use a 'Self-signed certificate' for our portal, being that we are operating behind a firewall, on a local network? (ESRI documentation seems to suggest that we will have several potential issues, including not being able to federate our server with our portal, connect to the portal from ESRI Maps for Office, unexpected behavior when printing hosted services and accessing the portal from client applications, etc.)
- Can anyone explain or direct me to documentation concerning how to create and sign a 'Domain certificate'?
- Any other suggestions?
Thanks in advance to anyone that might be able to steer us in the right direction!