问题
In ArcGIS 10.6.1, resources are inaccessible through HTTPS when the Web Adaptor is deployed on WebSphere. This can manifest itself in the following ways:
Error: Unable to register the ArcGIS Server with the Web Adaptor. Please make sure that the server machine is running and that the account specified has administrative privileges to the site.
Error: Unable to configure Portal with the Web Adaptor. Please make sure that the Portal machine is running and that the account specified has administrative privileges to the Portal.
Error: Unable to get token for user <username>, Error in admin request for get machines Received fatal alert: handshake_failure.
Starting at ArcGIS 10.6.1, the secure socket layer (SSL) protocol TLSv1 is disabled by default for both Portal for ArcGIS and ArcGIS Server due to Payment Card Industry (PCI) compliance. By default, WebSphere uses SSL-TLS as the SSL handshake protocol, which is SSLv3 and TLSv1, and hence terminates HTTPS connections from the Web Adaptor to the ArcGIS Server and Portal for ArcGIS applications.
Note: Starting with ArcGIS Web Adaptor for Java 10.3, SSLv3 is no longer supported to prevent the POODLE vulnerability.
To use HTTPS with the ArcGIS Web Adaptor on WebSphere, update the WebSphere configuration to use SSL_TLSv2 as the SSL handshake protocol, which is SSLv3 and TLSv1, TLSv1.1, and TLSv1.2.
Follow the instructions below.
In addition, the WebSphere Java Virtual Machine must be updated to start with SSL protocol TLSv1.1 and TLSv1.2. For this, follow the steps below.
In the WebSphere Administrative console:
Note: The above solution is for Java Web Adaptor working with WebSphere 9. Review the WebSphere documentation for further details on security configuration for the organization level requirements.
获取来自 ArcGIS 专家的帮助
下载 Esri 支持应用程序