Need a push in the right direction when configuring WebMap, Portal or SDI services?
Looking for hints and tips, or just looking for Ideas and information?
The WebGIS discussion board is where you start those discussions, connect and share information.
Having just spent a couple of days getting this to work I thought I would share what I've learned on the community.
Use of TLS 1.2 security protocol only (all previous TLS versions and SSL protocols are disabled)
Geospatial Portal web sites must run under HTTPS
Geospatial Portal web sites configured to use Microsoft IIS Windows Authentication
Windows Server 2008 R2 web server
Once the customer's IT department had changed the Operating System configuration to only allow TLS 1.2 (this included restricting hashing algorithms, ciphers and key exchange algorithms) the following functionality in Geospatial Portal was affected:
Unable to configure Geospatial Portal instance in Admin Console web site.
Unable to set starting workspace for Geospatial Portal instance using Admin Portal.
Printing stopped working (PhantomJS print engine is configured)
To resolve the issues:
Update PhantomJS library to latest release (version 2.1.1).
Install Microsoft .NET 4.6.2 (this version supports TLS 1.2 with no required Microsoft updates).
For Admin Console web configI changed a few lines.
<!-- httpRuntime added to specifiy to use .NET 4.6-->
<httpRuntime executionTimeout="3600" maxUrlLength="65535" maxQueryStringLength="2097151" targetFramework="4.6"/>
<globalization uiCulture="auto" enableClientBasedCulture="true" culture="auto" /> <!-- Comment out to ensure .NET 4.6 is used as runtime
<httpRuntime requestValidationMode="2.0" />
<!--Ensuring .NET 4.6 runtime is used-->
<compilation debug="true" targetFramework="4.6">
I hope this information helps someone who has to configure Geospatial Portal in a TLS 1.2 only environment. This is becoming more common as its an industry recommendation to disable SSL and earlier versions of TLS protocols.