HOW TO
Web AppBuilder for ArcGIS (Developer Edition) ships with a self-signed cert in Node.js to support HTTPS, which might not be ideal for enterprise usage. In a business enterprise, it is highly recommended to use an authorized CA certificate. To do so, replace two files in the server directory: cakey.pem and cacert.pem.
The instructions provided describe the workflow to convert an existing SSL domain or CA-signed cert in .pfx format into a certificate/key pair using the OpenSSL toolkit.
Note: You can add the path to OpenSSL\Bin to the system environment Path variable so that you can run the utility from any directory on your host.
openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile.key]
Optionally, add the -nodes option to not encrypt the private key. Refer to the following command:
openssl pkcs12 -nodes -in [yourfile.pfx] -nocerts -out [keyfile.key]
Note: Once entered you need to type in the importpassword of the .pfx file. This is the password that you used to protect your keypair when you created your .pfx file. Once you entered the import password, OpenSSL requests you to type in another password, twice! This new password protects the .key file.
openssl rsa -in [keyfile.key] -outform PEM -out [cakey.pem]
openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [cacert.pem]
Get help from ArcGIS experts
Download the Esri Support App