English

Problem: Certificate error is returned when publishing to Portal for ArcGIS from ArcGIS Server

Description

When publishing to Portal for ArcGIS from ArcGIS Server, the following error is returned in the ArcGIS Server logs:

Error:   
The certificate authority is invalid or incorrect WinINet ERROR_INTERNET_INVALID_CA, 12045), URL = http://www.arcgis.com/home/
[O-Image]
Note:
The URL 'http://www.arcgis.com/home/' is an example of a site without an appropriate certificate. The URL differs for each user and scenario.

Cause

The following are possible causes for this error.

  • The Secure Socket Layer (SSL) certificate is issued by an unknown or unauthorized Certificate Authority (CA).
  • GIS-tier authentication tokens from ArcGIS for Server are expiring.
  • The self-signed certificate is causing errors with the HTTPS configuration between sites.
  • Restarting the physical machine, which hosts a federated Portal for ArcGIS and ArcGIS for Server configuration.

Solution or Workaround

Follow the workaround provided to address this issue.

  1. Modify the lifespan of the token and increase the timeout period. Refer to the following document for a detailed description: Portal for ArcGIS: Specify the default token expiration time.
  2. Establish trust between ArcGIS Server and Portal for ArcGIS by importing ArcGIS Server's internal SSL certificate into Portal for ArcGIS. To determine the internal certificate used in ArcGIS Server, follow the steps provided below.
    1. Log in to the ArcGIS Server Administrator directory. The following is an example of the ArcGIS Server Administrator Directory URL:
       http://gisserver.domain.com:6080/arcgis/admin
    2. Click machines. Under Machines, click the appropriate machine hosting the certificates.
    3. Identify the Web Server SSL certificate, and click sslcertificates.

      [O-Image]
       
    4. Click the certificate, which is set as the Web server SSL Certificate. Click export and save the file.

      [O-Image]
       
    5. Import the certificate into the Portal for ArcGIS keystore. The following document explains this in detail: Portal for ArcGIS: Configuring the portal to trust certificates from your certifying authority.
       
      Note:
      Visit the following website to verify and diagnose SSL certificates to confirm correct installation, validity, and trust: sslshopper.

Related Information