AnsweredAssumed Answered

Portal Web Adaptor - You must bind your security certificate to port 443

Question asked by bromlein on Sep 16, 2020
Latest reply on Sep 18, 2020 by bromlein

Running RHEL 7.7, Apache HTTPD 2.4.6-09, Tomcat 7.0.94, ArcGIS Webadaptor 10.81, and ArcGIS Portal 10.81

 

I'm trying to set up Webadaptor for portal, but I'm getting the above configuration prerequisite error: You must bind your security certificate to port 443 on your web site before you can configure the Web Adaptor with Portal for ArcGIS.

 

I don't know why I'm getting this error. I have an ssl certificate configured and installed for httpd, and a working webadaptor installed for ArcGIS Server. I'm using a proxy in httpd to forward the traffic to 443 that works for server but not portal:

 ProxyPass /portal https://localhost:8443/portal
ProxyPassReverse /portal https://localhost:8443/portal
ProxyPass /arcgis https://localhost:8443/arcgis
ProxyPassReverse /arcgis https://localhost:8443/arcgis

I ran the setup script for web adaptor twice installed in two different directories, and copied each .war file to my webapps folder in Tomcat, one named arcgis.war (for Server) and one named portal.war (for Portal), then ran Tomcat with startup.sh. 

 

I've tried using the iptables solution suggested here (Web Adaptor for Portal) but after running the command. I'm still not able to configure Webadaptor. When I check, the rule isn't showing up in my iptables list:

 sudo iptables -S

Is there another way to set up the iptables rule or some other way to satisfy this requirement?

Randall Williams ?


EDIT: Using the above iptables rules, I am able to configure Web Adaptor locally (from a browser run on the server machine itself) and to access Portal via the Web Adaptor url (https://my.domain/portal/home) afterwards. But trying to access that url from another machine, I get a timeout error.

 

EDIT: I tried a fresh install of web adaptor, and following the instructions here (Use nondefault ports for the portal's ArcGIS Web Adaptor—Portal for ArcGIS | Documentation for ArcGIS Enterprise), I was able to configure it (however, this required running Tomcat as root since it has to write and read its config file from /root/... I don't want to do this outside proof-of-concept testing). Afterward, requests to https://my.domain/portal would redirect to https://my./domain:8443/portal/home and fail (since that port isn't open). I went in through the direct connection (:7443) and updated the WebContextURL (per Configure your portal to use a reverse proxy server—Portal for ArcGIS | Documentation for ArcGIS Enterprise) but still had the same issue (urls redirected.) Any other ideas for getting this working?

Outcomes