You must set the HTTPS site binding for the Integration Broker. To set the binding, you need an SSL certificate for the Integration Broker server. You can obtain a certificate from a Certificate Authority or create a self-signed certificate.

About this task

Note:

If you are using the on Windows and you are installing the Integration Broker on the same server as the connector, ensure that the HTTP and HTTPS binding ports do not conflict with the ports used by the VMware Identity Manager Connector component.

The VMware Identity Manager Connector component always uses port 80. It also uses 443, unless a different port is configured during installation. For more information on the ports used, see VMware Enterprise Systems Connector Installation and Configuration.

Installing the Integration Broker and the VMware Enterprise Systems Connector on different servers is recommended.

Prerequisites

  • Obtain an SSL certificate for the Integration Broker server. You can get a certificate from a Certificate Authority or create a self-signed certificate. Install the certificate in the Microsoft store in the Integration Broker server.

    See Example: Create a Self-signed Certificate Using IIS Manager and Example: Create a Self-signed Certificate Using OpenSSL.

    Note:

    If you are using the VMware Enterprise Systems Connector on Windows and have installed the Integration Broker on the same server as the connector, you can use the self-signed certificate that is generated during the connector installation. Install the certificate in the Microsoft store and use it for the HTTPS binding.

  • If you use an internal CA to create the certificate, to enable VMware Identity Manager to trust the certificate you must upload the root certificate of the internal CA at https://vidmHostname:8443/cfg/ssl on the Terminate SSL on a Load Balancer tab, where vidmHostname is the VMware Identity Manager instance where the Citrix integration is configured. In a SaaS environment, go to https://connectorHostname:8443/cfg/ssl.

Procedure

  1. In IIS Manager, in the left pane, click the web site under which you installed the Integration Broker.
    Tip:

    To verify the correct web site, you can expand the site in the left pane and check that the Integration Broker is listed under it.

  2. In the right pane, under Edit Site, click Bindings.
  3. Add the HTTPS binding using the certificate you created.
    1. Click Add.
    2. In the Type field, select https.
    3. If you are using IIS 8.0 or later, verify that the Host name field is empty. It must not have any value.
    4. In the SSL Certificate field, select the SSL certificate you created.
      For example:

      set HTTPS Binding


    5. Click OK.
  4. Restart IIS.
    1. Open the Command Prompt window as administrator.
    2. Type iisreset.

What to do next

Verify the bindings.

  • Verify that the HTTP binding produces the expected output by typing http://hostname /IB/API/RestServiceImpl.svc/ibhealthcheck in the address bar of a browser.

    Expected output:

    All ok

  • Verify that the HTTPS binding produces the expected output by typing https://hostname /IB/API/RestServiceImpl.svc/ibhealthcheck in the address bar of a browser.

    Expected output:

    All ok

Note:

In Internet Explorer, the All ok output is not displayed directly. Instead, the output file is downloaded. Open the file to view the output.