Skip To Content

Generate Certificate

  • URL:https://<notebookserveradmin>/machines/<machine>/sslcertificates/generate
  • Required Capability:Administrator
  • Version Introduced:10.7

Description

Use this operation to create a self-signed certificate or as a starting point for getting a production-ready CA-signed certificate. ArcGIS Notebook Server will generate a certificate for you and store it in its keystore. The certificate generated should only be used in development and staging environments.

Parameters

ParameterDescription
alias

A unique name that easily identifies the certificate. This is required.

keyalg

The algorithm used to generate the key pairs. The default is RSA.

keysize

Specifies the size in bits to use when generating the cryptographic keys used to create the certificate. The larger the key size, the harder it is to break the encryption; however, the time to decrypt encrypted data increases with key size. For DSA, the key size can be between 512 and 1,024. For RSA, the recommended key size is 2,048 or greater.

sigalg

Use the default (SHA1withRSA). If your organization has specific security restrictions, then one of the following algorithms can be used for DSA: SHA256withRSA, SHA384withRSA, SHA512withRSA, SHA1withDSA.

commonName

Use the domain name of your server name as the common name.

If your server will be accessed on the Internet through the URL https://www.notebookserver.com:11443/arcgis/, use www.notebookserver.com as the common name.

If your server will only be accessible on your local area network (LAN) through the URL https://notebookserver.domain.com:11443/arcgis/, use notebookserver as the common name.

organizationalUnit

The name of your organizational unit, for example, GIS Department.

organization

The name of your organization, for example, Esri. This is required.

city

The name of the city or locality, for example, Redlands.

state

The full name of your state or province, for example, California.

country

The abbreviated code for your country, for example, US.

validity

The total time in days during which this certificate will be valid, for example, 365. The default is 90.

Subject Alternative Name

The subject alternative name (SAN) is an optional parameter that defines alternatives to the common name (CN) specified in the SSL certificate. There cannot be any spaces in the SAN parameter value.

If no SAN is defined, a website can only be accessed (without SSL certificate errors) by using the common name in the URL. If a SAN is defined and a DNS name is present, the website can only be accessed by what is listed in the SAN. Multiple DNS names can be specified if desired. For example, the URLs https://www.esri.com, https://esri, and https://10.60.1.16 can be used to access the same site if the SSL certificate is created using the following SAN parameter value:

DNS:www.esri.com,DNS:esri,IP:10.60.1.16

f

The response format. The default response format is html.

Values: html | json | pjson

Example

https://notebookserver:domain.com:11443/notebook/admin/machines/<machine>/sslcertificates/generate
	alias=myselfsignedcertificate
	keyalg=RSA
	keysize=1024
	sigalg=SHA1withRSA
	commonName=NOTEBOOKSERVER.DOMAIN.COM
	organizationalUnit=development
	organization=DOMAIN.COM
	city=Buffalo
	state=NY
	country=US
	validity=120
	SAN=DNS:www.domain.com,DNS:domain,IP:10.60.1.16