Out of the box, ArcGIS Server uses HTTP and HTTPS protocols for communication. You may choose to leave your ArcGIS Server site in the default HTTP and HTTPS configuration, but be aware that HTTP transactions are not encrypted and may not be appropriate for all content. For more information about HTTPS, see Introduction to HTTPS.
Configure HTTPS in a single-machine test environment
If you're developing or experimenting with ArcGIS Server on a single machine, you can configure HTTPS using the default self-signed certificate. For instructions on how to do this, see Configuring HTTPS only using the default self-signed certificate.
Configure HTTPS on ArcGIS Server when using ArcGIS Web Adaptor
When ArcGIS Web Adaptor is configured to forward requests to ArcGIS Server, you must enable HTTPS on the web server hosting ArcGIS Web Adaptor and configure HTTPS on each GIS server machine participating in the ArcGIS Server site.
If your site will be accessed by external users, you should configure HTTPS on the web server hosting ArcGIS Web Adaptor using a commercial Certificate Authority (CA) certificate. You must also configure HTTPS on your site using a self-signed certificate. For instructions on how to do this, see Configuring HTTPS on ArcGIS Server when accessed through ArcGIS Web Adaptor. Instead of a self-signed certificate, you can also choose to use a CA-signed certificate in the site.
For instructions on how to configure HTTPS in ArcGIS Server by creating a new CA certificate, see Configuring HTTPS using a new CA-signed certificate.
Configure HTTPS on ArcGIS Server when using a load balancer
If your configuration uses a hardware or software load balancer as the gateway to your site, you must enable HTTPS on the load balancer and configure HTTPS in the site.
Note:
ArcGIS Server does not support SSL-offloading through a reverse proxy/load balancer. If your configuration uses a reverse proxy, it must redirect to either the ArcGIS Web Adaptor or directly to ArcGIS Server over HTTPS.
If your site will be accessed by external users, you should configure HTTPS on the load balancer using a commercial CA certificate. You must also configure HTTPS in the site using a self-signed or CA-signed certificate.