AnsweredAssumed Answered

ArcGIS Server Self Signed Certificate Privacy Error: NET::ERR_CERT_COMMON_NAME_INVALID

Question asked by bromlein on May 2, 2019
Latest reply on Dec 12, 2019 by MarcusTWE

I just installed ArcGIS Server 10.7 Linux on a RHEL 7.6 machine and out of the box I'm getting an SSL error. I'm accessing ArcGIS Server directly (using a :6443 URL). When I view the certificate, things look normal:

I've generated/checked the certificate through the Server Admin portal and I've added the cert to my local machine's Trusted Root Certification Authorities.

Why am I getting this error and how can I resolve it?


EDIT: Looking at the default cert that ArcGIS Server generated, its Common Name (CN) was set to LOCALHOST (thus the Common Name Invalid error). I generated and installed a new cert with the Common Name set to the URL I use to access server manager and now Chrome is giving a different error: NET::ERR_CERT_AUTHORITY_INVALID.

 

I've tried to generate a certificate with the Subject Alternative Name (SAN) also set to my URL (following the Esri tutorial). Whenever I try to generate with DNS:my.url.com as the SAN, it gives the error Unable to Save SSL Certificate. Using an IP SAN (IP:xxx.xx.xxx.xx) works and resolves the SSL error in Chrome, so I believe a certificate containing a SAN with the URL would work.

 

After experimenting, the problem seems to be ArcGIS Server can't save the certificate when there's a number in the SAN field. Is there a work around for this or an escape sequence for numbers, or will I have to change the domain name of the machine?

 

EDIT 2: I ended up just changing the machine name and re-generating certs with the new name.

Outcomes