Problem: Unable to register ArcGIS GeoEvent Processor for Server when using a self-signed certificate
Unable to register ArcGIS GeoEvent Processor for Server when using a self-signed certificate over a Secure Sockets Layer (SSL) connection.
The registration fails when a self-signed certificate makes an untrusted connection to the browser while establishing the SSL connection.
Solution or Workaround
Add the self-signed certificate to the certificate authority (CA) to ensure a trusted connection to the browser.
- Stop ArcGIS GeoEvent Processor for Server service from the Services console. To do this, click Start, and in the search box, type services.msc to launch the console.
- Save a copy of the CA certificate to the folder: C:\Program Files\ArcGIS\Server\GeoEventProcessor\jre\lib\security
This certificate only works with .cer files.
- To open a Command Prompt window as an Administrator, click Start > All Programs > Accessories, right-click Command Prompt, and select Run as Administrator.
- Navigate to the above folder location, "C:\Program Files\ArcGIS\Server\GeoEventProcessor\jre\lib\security".
- Within the folder, paste the following command to import the self-signed certificate to the CA (cacerts) file:
"C:\Program Files\ArcGIS\Server\GeoEventProcessor\jre\bin\keytool" -import -trustcacerts -file esrica.cer -alias esri_ca -keystore cacerts
Note: In this example, the certificate is named esrica.cer. Users must replace this name with a unique name for the self-signed certificate. When prompted for a password, type changeit. For the Alias parameter, select any name; the alias is a unique name that easily identifies the certificate.
- When prompted to trust the certificate, click Yes.
- To implement the changes, restart ArcGIS GeoEvent Processor for Server from the Services console.