Set HTTPS Site Binding for the Workspace ONE Access Integration Broker

You must set the HTTPS site binding for the Integration Broker that you deployed for the Citrix-Workspace ONE Access integration. To set the binding, you need an SSL certificate for the Integration Broker server. You can obtain a certificate from a Certificate Authority or create a self-signed certificate.

Note: If you are using the Windows version of the VMware Identity Manager connector and you are installing the Integration Broker on the same server as the connector, ensure that the HTTP and HTTPS binding ports do not conflict with the ports used by the connector.

The VMware Identity Manager Windows connector (versions 3.3 and 19.03) always uses port 80. It also uses 443, unless a different port is configured during installation. For more information on the ports used, see Installing and Configuring VMware Identity Manager Connector 19.03.0.0 (Windows).

Installing the Integration Broker and the connector on different servers is recommended.

Prerequisites

Obtain an SSL certificate for the Integration Broker server. You can get a certificate from a Certificate Authority or create a self-signed certificate. Install the certificate in the Microsoft store in the Integration Broker server.
See Example: Create a Self-Signed Certificate for Workspace ONE Access Integration Broker Using IIS Managerand Example: Create a Self-signed Certificate for Workspace ONE Access Integration Broker Using OpenSSL.

Note: If you are using the Windows version of the VMware Identity Manager connector and are installing the Integration Broker on the same server as the connector, you can use the self-signed certificate that is generated during the connector installation. Install the certificate in the Microsoft store and use it for the HTTPS binding.

Procedure

In IIS Manager, in the left pane, click the web site under which you installed the Integration Broker.

Tip: To verify the correct web site, you can expand the site in the left pane and check that the Integration Broker is listed under it.
In the right pane, under Edit Site, click Bindings.
Add the HTTPS binding using the certificate you created.
1. Click Add.
2. In the Type field, select https.
3. If you are using IIS 8.0 or later, verify that the Host name field is empty. It must not have any value.
4. In the SSL Certificate field, select the SSL certificate you created.
  For example:
5. Click OK.
Restart IIS.
1. Open the Command Prompt window as administrator.
2. Type iisreset.

What to do next

Verify the bindings.

Verify that the HTTP binding produces the expected output by typing http://hostname /IB/API/RestServiceImpl.svc/ibhealthcheck in the address bar of a browser.
Expected output:

All ok
Verify that the HTTPS binding produces the expected output by typing https://hostname /IB/API/RestServiceImpl.svc/ibhealthcheck in the address bar of a browser.
Expected output:

All ok

Note: In Internet Explorer, the All ok output is not displayed directly. Instead, the output file is downloaded. Open the file to view the output.