HOW TO

Manually reset ArcGIS Server's web server certificate to the self-signed certificate

Last Published: April 25, 2020

Summary

If a certificate is revoked, expired, or formatted improperly, it may prevent access on HTTPS on port 6443. If access on port 6080 is disabled or redirects to HTTPS, it may be impossible to update the SSL certificate on ArcGIS Server to regain access to the web pages.

Procedure

There are two files that must be edited to do this.

  • <config-store>\machines\<machine name>.json
  • <ArcGIS Install Directory>\framework\runtime\tomcat\conf\server.xml

In both these files, replace existing values with the value 'selfsignedcertificate', as follows:

  1. Stop the ArcGIS Server service.
  2. In <config-store>\machines\<machine name>.json file, change the current value for webServerSSLCertificate.
  3. In <AGS Install Directory>\framework\runtime\tomcat\conf\server.xml change the current value for keyAlias in the 6443 connector.
  4. Restart the ArcGIS Server service

Example of the corrected <machine name>.json file:

{"machineName":"<Machine FQDN>","platform":"<Platform Information>","ports":{"HTTP":6080,"webSocketsPort":6180,"HTTPS":6443},"ServerStartTime":1569011713367,"webServerMaxHeapSize":-1,"socMaxHeapSize":64,"webServerSSLEnabled":true,"webServerCertificateAlias":"selfsignedcertificate","adminURL":"https://<Machine FQDN>:6443/arcgis/admin","configuredState":"STARTED","synchronize":false,"underMaintenance":false}

Example of the corrected server.xml file:

<Connector SSLEnabled="true" URIEncoding="ISO-8859-1" ciphers="<SSL Ciphers>" clientAuth="false" connectionTimeout="20000" connectionUploadTimeout="10000000" disableUploadTimeout="false" keyAlias="selfsignedcertificate" keystoreFile="C:\Program Files\ArcGIS\Server\framework\etc\certificates\arcgis.keystore" keystorePass="<Keystore Password>" maxHttpHeaderSize="65535" maxPostSize="10485760" maxThreads="150" port="6443" protocol="org.apache.coyote.http11.Http11NioProtocol" relaxedQueryChars="" scheme="https" secure="true" server=" " sslEnabledProtocols="TLSv1.2" sslProtocol="TLS" useServerCipherSuitesOrder="true"/>

Article ID: 000021911

Software:
  • ArcGIS Server

Receive notifications and find solutions for new or common issues

Get summarized answers and video solutions from our new AI chatbot.

Download the Esri Support App

Discover more on this topic

Esri Community

Search for related information

Training

Find training related to this topic

ArcGIS Ideas

Explore ideas and give feedback

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options