Securing the communication pipeline

If your mobile solution involves real-time synchronization between ArcGIS for Server and the field applications, there is a risk that anybody can intercept the Internet traffic. This can obviously lead to security problems, especially when data privacy is important to your organization. Because of this, it is recommended that you establish a Secure Sockets Layer (SSL) connection between your ArcGIS for Server and your field applications to ensure that the connection is secured.

To establish an SSL connection between your ArcGIS for Server and your field device, you need to export the certificate from your server and install it to your device. The following are the two types of supported certificates:

Your server administrator can tell you the type of certificate your server uses. It's always a best practice to use a CA signed certificate in your production environment, because this is the only way to ensure that the server's certificate is signed by a CA and can be trusted. However, in the development phase, you can use a self-signed certificate for testing purposes

NoteNote:

If your field devices have certificates from several trusted commercial CAs preinstalled in the root store, you don't need to export the certificate from your ArcGIS for Server and install it on your mobile devices. However, if your ArcGIS for Server uses a self-signed certificate or a CA issued certificate that is not preinstalled in the devices' root store, you have to manually install it.

TipTip:

For details on using SSL protocol with ArcGIS for Server, see Securing ArcGIS Server communication and Enabling SSL on ArcGIS Server in the ArcGIS for Server help system.

1/7/2015