When the VMware Identity Manager appliance is installed, a default SSL server certificate is automatically generated. You can use this self-signed certificate for general testing of your implementation. VMware strongly recommends that you generate and install commercial SSL certificates in your production environment.

A certificate of authority (CA) is a trusted entity that guarantees the identity of the certificate and its creator. When a certificate is signed by a trusted CA, users no longer receive messages asking them to verify the certificate.

If you deploy VMware Identity Manager with the self-signed SSL certificate, the root CA certificate must be available as a trusted CA for any client who accesses the VMware Identity Manager. The clients can include end user machines, load balancers, proxies, and so on. You can download the root CA from https://myconnector.domain.com/horizon_workspace_rootca.pem.

You can install a signed CA certificate from the Appliance Settings > Manage Configuration > Install Certificate page. You can also add the load balancer's root CA certificate on this page as well.