Skip To Content

Configure ArcGIS Monitor with the default self-signed certificate

When you deploy ArcGIS Monitor, a self-signed certificate is automatically created for your ArcGIS Monitor Server machine. Monitor Server uses this self-signed certificate for HTTPS requests by default.

In rare cases, the self-signed certificate for Monitor Server may no longer be valid, usually because the certificate has expired or the host name of the machine was changed. In these cases, you need to generate a new self-signed certificate.

View the default self-signed certificate

To view the default self-signed certificate, complete the following steps:

  1. Access Monitor if necessary.

    The Home page appears.

  2. Click Administration.

    The System tab displays details for server configuration settings and HTTP communication settings. The certificate information is listed in the HTTP communication settings section, under SSL certificate.

Generate a new self-signed certificate

To generate a new self-signed certificate, complete the following steps:

  1. Sign in to the Monitor Server machine with an account that has administrative privileges and access to the configuration store directory.
  2. Open a command shell.
  3. Run the following command to stop the arcgis-monitor service:
    • Ubuntu: sudo service arcgis-monitor-server stop
    • Red Hat Enterprise Linux Server: sudo systemctl stop arcgis-monitor-server
  4. Delete the .pfx file from the /var/lib/<ArcGIS Monitor account username>/monitor/config-store directory.
  5. Run the following command to start the arcgis-monitor service:
    • Ubuntu: sudo service arcgis-monitor-server start
    • Red Hat Enterprise Linux Server: sudo systemctl start arcgis-monitor-server

    The self-signed certificate is used by Monitor Server for HTTPS requests.

Access Monitor Server

Monitor Server listens on port 30443 for requests when HTTPS is enabled. Use the following URL syntax to securely access Monitor Server:

https://monitorserver.domain.com:30443/arcgis/monitor

Note:

If you rename the Monitor Server machine, you can continue to access it using HTTPS; however, the host name will no longer match the original certificate. You must generate a new certificate and configure Monitor Server to use it.

Related topics