When the VMware Identity Manager appliance is installed, a default SSL server certificate is automatically generated. You can use this self-signed certificate for general testing of your implementation.
A CA is a trusted entity that guarantees the identity of the certificate and its creator. When a certificate is signed by a trusted CA, users no longer receive messages asking them to verify the certificate.
You can install a signed CA certificate from thepage.
If you deploy VMware Identity Manager with the self-signed SSL certificate, the root CA certificate must be available as a trusted CA for any client who accesses the VMware Identity Manager service. The clients can include end-user machines, load balancers, proxies, and so on. You can download the root CA from the page.
When the VMware Identity Manager connector is installed, a default self-signed SSL certificate is generated. You can continue to use this self-signed certificate in most scenarios. You can install a signed SSL certificate for the connector from the connector admin pages at https://connectorFQDN:8443/cfg/login.