When the VMware Identity Manager virtual appliance is configured behind a load balancer, you must establish SSL trust between the load balancer and VMware Identity Manager. The VMware Identity Manager root certificate must be copied to the load balancer.

The VMware Identity Manager root certificate can be downloaded from the Appliance Settings > Manage Configuration > Install SSL Certificates > Server Certificate page in the VMware Identity Manager administration console.

If the VMware Identity Manager FQDN points to a load balancer, the SSL certificate can only be applied to the load balancer.

Since the load balancer communicates with the VMware Identity Manager virtual appliance, you must copy the VMware Identity Manager root CA certificate to the load balancer as a trusted root certificate.

Procedure

  1. In the VMware Identity Manager console, select the Appliance Settings tab, then click VA Configuration > Manage Configuration.
  2. In the dialog box that appears, enter the admin user password.
  3. Select Install SSL Certificates > Server Certificate.
  4. Click the Appliance Self Signed Root CA Certificates link.

    download certificate

    The certificate is displayed.
  5. Copy everything between and including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE---- and paste the root certificate into the correct location on each of your load balancers. Refer to the documentation provided by your load balancer vendor.

What to do next

Copy and paste the load balancer root certificate to the VMware Identity Manager appliance.