Portal for ArcGIS makes HTTPS requests to ArcGIS Server in a number of situations. When the portal needs to make an HTTPS connection to ArcGIS Server, it checks to see if the certificate returned by the server is trusted. If it's not trusted, the connection will fail.
By default, Portal for ArcGIS trusts some well known certifying authorities (CAs) such as Verisign and Thawte. However, it may not trust a CA that is less well known or is specific to your organization. For example, many organizations have root CAs that don't actually sign web server certificates, rather they only certify intermediate CAs. These intermediate CAs are often the ones that sign your web server's certificate. If your certificate is signed by an intermediate CA, then you need to import the root certificate first, then the intermediate certificate, as described below.
- Obtain the certificates you want to import. In many cases these certificates may already be loaded into your organization's browsers and can be exported from the browser.
- Sign in to the ArcGIS Portal Directory as an Administrator of your organization. The URL is in the format https://webadaptor.domain.com/arcgis/portaladmin.
- Import the root and intermediate certificates:
- Click Security > SSLCertificates > Import Root or Intermediate Certificate.
- Browse to the location of the root certificate provided by the CA and click Import.
- Browse to the location of the intermediate certificate and click Import.
- Repeat these substeps for additional root and intermediate certificates.