When the VMware Identity Manager Connector is installed, a default SSL server certificate is automatically generated. You can use this self-signed certificate for general testing of your implementation. VMware strongly recommends that you generate and install commercial SSL certificates in your production environment.
A certificate of authority (CA) is a trusted entity that guarantees the identity of the certificate and its creator. When a certificate is signed by a trusted CA, users no longer receive messages asking them to verify the certificate.
If you deploy the VMware Identity Manager Connector with the self-signed SSL certificate, the root CA certificate must be available as a trusted CA for any client that accesses the connector. The clients can include end user machines, load balancers, proxies, and so on. You can download the connector root CA from https://connectorFQDN/horizon_workspace_rootca.pem.