Necessary background info: We are running in a DOD environment so I'm never sure when things don't work if it's my ignorance (GIS tech turned GIS admin overnight!) or the stringent constraints required by our IT staff.
Trying to set up a collaboration between our ArcGIS Enterprise 10.51 Portal (Guest) and our AGOL organization account (Host). Guest: multi-factor (Card/PIN) network access, SSO, IWA, PKI client certificate based web-tier authentication
Host: simple ol' user name & password.
I run into problems when I get to the Import Invitation Response Step 3a & b of the help document (see attached also):
On the Accept Guest Organization dialog box, browse to the invitation response file. Information about the guest participant, including the contact person and organization URL, will appear once you've chosen the file.
- If the guest organization requires web-tier authentication, select the Yes option, enter the credentials for the guest's web authentication, and click Accept Guest Organization.
- If the guest organization is secured using PKI client certificate based web-tier authentication, click Choose File and browse to a PKI user certificate in a .pfx file format. Click Accept Guest Organization.
The user credentials contained in the client certificate should be able to successfully authenticate against the PKI client certificate challenge from the guest. The user does not need to be a named user on the guest organization.
I tried (a): in IE > Settings > Internet Options > Content > Certificates, exported one of my certs (exporting private key is not allowed) in the both .CER and .P7B formats. I upload my cert(s) and input my PIN and it seems to accept it each time however, when on the Host site I go to Collaborations / Workspace: Guests / Guest Org, the Status = Not Supported but on the Guest site Status = Joined. Also tried (b): from Portal Admin site > Security > SSLCertificates > portal > export and using those with the portal admin password with same results.
Any help is appreciated!