Generate Certificate

URL:
https://<root>/machines/<machine>/sslcertificates/generate
Methods:
POST
Required Capability:
Access allowed with the "Security and Infrastructure" privilege
Version Introduced:
10.1

Description

The generate operation creates a self-signed certificate or acts as a starting point for getting a production-ready CA-signed certificate. The generated ceritifcate will be sorted in the keystore.

Request parameters

ParameterDescription

alias

(Required)

A unique name that easily identifies the certificate.

Example
Use dark colors for code blocksCopy
1
alias=myCert

keyalg

The algorithm used to generate the key pairs. The default is RSA.

Example
Use dark colors for code blocksCopy
1
keyalg=RSA

keysize

Specifies the size in bits to use when generating the cryptographic keys used to create the certificate. The larger the key size, the harder it is to break the encryption; however, the time to decrypt encrypted data increases with key size. For DSA, the key size can be between 512 and 1,024. For RSA, the recommended key size is 2,048 or greater.

Example
Use dark colors for code blocksCopy
1
keysize=1024

sigalg

Use the default (SHA1withRSA). If your organization has specific security restrictions, then one of the following algorithms can be used for DSA: SHA256withRSA, SHA384withRSA, SHA512withRSA, SHA1withDSA.

Example

Example
Use dark colors for code blocksCopy
1
sigalg=SHA1withRSA

commonName

Use the domain name of your server name as the common name.

If your server will be accessed on the Internet through the URL https://www.gisserver.com:6443/arcgis/, use www.gisserver.com as the common name.

If your server will only be accessible on your local area network (LAN) through the URL https://gisserver.domain.com:6443/arcgis, use gisserver as the common name.

Example
Use dark colors for code blocksCopy
1
commonName=SERVER.DOMAIN.COM

organizationalUnit

The name of your organizational unit.

Example
Use dark colors for code blocksCopy
1
organizationalUnit=GIS Department

organization

(Required)

The name of your organization.

Example
Use dark colors for code blocksCopy
1
organization=Esri

city

The name of the city or locality.

Example
Use dark colors for code blocksCopy
1
city=Redlands

state

The full name of your state or province.

Example
Use dark colors for code blocksCopy
1
state=California

country

The abbreviated code for your country.

Example
Use dark colors for code blocksCopy
1
country=US

validity

The total time in days during which this certificate will be valid. The default is 90.

Example
Use dark colors for code blocksCopy
1
validity=365

san

The subject alternative name (SAN) is an optional parameter that defines alternatives to the common name (CN) specified in the SSL certificate. There cannot be any spaces in the SAN parameter value.

If no SAN is defined, a website can only be accessed (without SSL certificate errors) by using the common name in the URL. If a SAN is defined and a DNS name is present, the website can only be accessed by what is listed in the SAN. Multiple DNS names can be specified if desired. For example, the URLs https://www.esri.com, https://esri, and https://10.60.1.16 can be used to access the same site if the SSL certificate is created using the following SAN parameter value:

Example
Use dark colors for code blocksCopy
1
san=DNS:www.esri.com,DNS:esri,IP:10.60.1.16

f

The response format. The default response format is html.

Values: html | json | pjson

Example usage

The following is a sample POST request for the generate operation:

Use dark colors for code blocksCopy
1
2
3
4
5
6
POST /webadaptor/admin/machines/MACHINE.DOMAIN.COM/sslcertificates/generate HTTP/1.1
Host: machine.domain.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []

alias=myCert&keyalg=RSA&keysize=1024&sigalg=SHA1withRSA&commonName=SERVER.DOMAIN.COM&organizationalUnit=GIS Department&organization=ESRI&city=Redlands&state=California&country=US&validity=120&san=DNS:www.esri.com,DNS:esri,IP:10.60.1.16

JSON Response example

Use dark colors for code blocksCopy
1
{"status": "success"}

Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.