AnsweredAssumed Answered

AWS certificates for ArcGIS Enterprise deployment on AWS

Question asked by Andrew.Rudin@austintexas.gov_austin on Jan 22, 2018

Hello,

 

I'm curious if anyone has instructions or tips for generating self-signed certificates for use with development deployments of  ArcGIS Enterprise within an AWS VPC?

 

I'm brand new to AWS and I just want to test the platform, so I don't want to have to procure a CA certificate. We deployed an Enterprise machine in our on-premise data center using a domain certificate, which is good enough for early testing.  In AWS, I want the enterprise stack to be behind the VPC network, so no public DNS name required.  I tried using Route53 to create a domain name (which I intend to use just inside the VPC), and then using AWS Certificate Manager to generate a certificate for that domain.  But after the CNAME value is added to the domain in Route 53, the certificate never gets verified... after an overnight wait it still said "Pending Verification."  

 

I ran into this issue while tinkering with the new ArcGIS Enterprise Cloud Builder CLI for AWS. The tool requires you to have a certificate prior to creating the EC2 Instances and deploying the Esri images.  The Route 53 / AWS Certificate Manager process described above was just to do generate something that would allow the install to complete, but no luck.  I also tried downloading OpenSSL and generating a self signed certificate that way, but the Esri CLI / AWS returned an error when I used it.

 

I know self signed certificates are not for production, and I can figure that out later.  Right now I just want to test deploying the software in an automated way using Esri's tools, and doing some basic performance tests.

 

-Andrew

Outcomes