Skip To Content

Install a CA-issued certificate

Clients connecting to your site receive warning messages if your site is not configured with a certifying authority (CA) certificate recognized by the client. To prevent untrusted site messages from appearing every time clients connect, use ArcGIS Enterprise Cloud Builder for Microsoft Azure to install an SSL (or TLS) certificate to your site.

If you initially deployed your ArcGIS Server site or ArcGIS Enterprise with a self-signed certificate, follow these steps to install a CA-issued certificate.

  1. Obtain an SSL certificate and export the certificate to a .pfx file.
  2. Set up CNAME mapping for to your cloud service domain.
  3. Start ArcGIS Enterprise Cloud Builder for Microsoft Azure.
  4. Sign in to Microsoft Azure.

    If you want to use the Microsoft Azure Government cloud and have an Azure Government subscription, check U.S. Government account.

  5. Choose the Azure subscription that contains the deployment to which you want to install an SSL certificate.
  6. Click the down arrow next to the deployment in the Deployments list and click the certificate button Install a CA issued SSL certificate.

    The Certificate Information page opens.

  7. Type the CNAME for your deployment in the Domain Name (Alias) field.
  8. Choose the source type for the certificate.
  9. If you have a certificate (.pfx) file on disk that you want to reference, choose From File, browse to the location of your certificate (.pfx) file, and type the password to authenticate use of the .pfx file.

    This password was set when you created the .pfx file.

  10. If you have an SSL certificate stored in an Azure key vault or want to store your certificate in an Azure key vault, choose From Key Vault.

    See Azure documentation for more information on keys, secrets, and certificates.

    • If the certificate is already in a key vault, choose the Key Vault from the drop-down list and choose the Certificate from the drop-down list.
    • If you want to create a key vault, click the Create button (+) next to Key Vault and provide the information required on the Create Key Vault dialog box.

      The key vault name can contain up to 127 alphanumeric characters and dashes.

      Once you've created the key vault, click the Create button (+) next to Certificate and provide the information necessary to upload the certificate to the key vault.

  11. Provide the site administrator's user name and password.
  12. Click next to install the certificate.