<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Configuring vIDM via API in VMware Aria Operations for Logs Discussions</title>
    <link>https://communities.vmware.com/t5/VMware-Aria-Operations-for-Logs/Configuring-vIDM-via-API/m-p/482619#M299</link>
    <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;I've been working through creating workflows of what I'm going to call "routine configurations" that a person does when standing up a new Log Insight instance/cluster (tested on 4.5.1), but when I try and go and create the API call to establish vIDM configuration... the API is returning an error related to the self-signed certificate from vIDM.... which is, to put it mildly, highly annoying. My request looks like this (sanitized):&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;`&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;P&gt;curl --request POST \&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;&amp;nbsp; --url &lt;/SPAN&gt;&lt;A _jive_internal="true" href="https://communities.vmware.com/" rel="nofollow"&gt;https://&lt;/A&gt;&lt;SPAN&gt;&amp;lt;li-host&amp;gt;:9543/api/v1/vidm \&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp; --header 'authorization: Bearer SEUrE+BeXqIOGWE7Mzwza+WC8VD0yzojqHg6NTcy42UOB2NqLa2NI9ROHIQulAX1H93HH4K92neE7XLBYm4cNcxGkzJnA2V6Wpwx93bGslkM7FNBXCkZfAV/JpRkUxEvWmx98kxxZczsu5g6xiruID2jzbAwrPnF9ap5xDCIcaxyvX495uH0n7pYFp6wFGuOgi0gqfd2+BbXRtJe2A2/qisazkWsNrp7mJ7SDkw1OVSGruuAokH65QRPAjdN8c//vomgTRGS4WBzCkkT+Sl/jw==' \&lt;/P&gt;&lt;P&gt;&amp;nbsp; --header 'content-type: application/json' \&lt;/P&gt;&lt;P&gt;&amp;nbsp; --cookie JSESSIONID=51A9140CD5C6590958C0295E6A8B4263 \&lt;/P&gt;&lt;P&gt;&amp;nbsp; --data '{&lt;/P&gt;&lt;P&gt;&amp;nbsp; "acceptCert" : true,&lt;/P&gt;&lt;P&gt;&amp;nbsp; "enabled": true,&lt;/P&gt;&lt;P&gt;&amp;nbsp; "hostname": "&amp;lt;vidm-fqdn&amp;gt;",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "port": "443",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "tenant": "vsphere.local",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "redirectURL": "&amp;lt;li-vip&amp;gt;",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "username": "admin@vsphere.local",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "password": "&amp;lt;password&amp;gt;"&lt;/P&gt;&lt;P&gt;}'&lt;/P&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;And the response I'm getting from the API is:&lt;/P&gt;&lt;PRE __default_attr="java" __jive_macro_name="code" class="jive_macro_code jive_text_macro _jivemacro_uid_15150916728259101" data-renderedposition="552_8_1131_112" jivemacro_uid="_15150916728259101"&gt;&lt;P&gt;{&lt;/P&gt;&lt;P&gt;"errorMessage": "VMware Identity Manager provided custom CA certificate. Unable to make SSL connection.",&lt;/P&gt;&lt;P&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; "errorCode": "VIDM_ERROR",&lt;/P&gt;&lt;P&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; "errorDetails": {&lt;/P&gt;&lt;P&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; "errorCode": "com.vmware.loginsight.api.providers.vidm.custom_ca_certificate"&lt;/P&gt;&lt;P&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; }&lt;/P&gt;&lt;P&gt;}&lt;/P&gt;&lt;/PRE&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Anybody have any ideas why it would work in the UI (where I can review the SSL cert and accept), but not via the API? Is there something possibly missing from the API docs around a query parameter to force acceptance of the cert? I'd think the "acceptCert" parameter would do that in the JSON body, but well.........&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
    <pubDate>Thu, 04 Jan 2018 18:49:06 GMT</pubDate>
    <dc:creator>stvkpln</dc:creator>
    <dc:date>2018-01-04T18:49:06Z</dc:date>
    <item>
      <title>Configuring vIDM via API</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations-for-Logs/Configuring-vIDM-via-API/m-p/482619#M299</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;I've been working through creating workflows of what I'm going to call "routine configurations" that a person does when standing up a new Log Insight instance/cluster (tested on 4.5.1), but when I try and go and create the API call to establish vIDM configuration... the API is returning an error related to the self-signed certificate from vIDM.... which is, to put it mildly, highly annoying. My request looks like this (sanitized):&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;`&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;P&gt;curl --request POST \&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;&amp;nbsp; --url &lt;/SPAN&gt;&lt;A _jive_internal="true" href="https://communities.vmware.com/" rel="nofollow"&gt;https://&lt;/A&gt;&lt;SPAN&gt;&amp;lt;li-host&amp;gt;:9543/api/v1/vidm \&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp; --header 'authorization: Bearer SEUrE+BeXqIOGWE7Mzwza+WC8VD0yzojqHg6NTcy42UOB2NqLa2NI9ROHIQulAX1H93HH4K92neE7XLBYm4cNcxGkzJnA2V6Wpwx93bGslkM7FNBXCkZfAV/JpRkUxEvWmx98kxxZczsu5g6xiruID2jzbAwrPnF9ap5xDCIcaxyvX495uH0n7pYFp6wFGuOgi0gqfd2+BbXRtJe2A2/qisazkWsNrp7mJ7SDkw1OVSGruuAokH65QRPAjdN8c//vomgTRGS4WBzCkkT+Sl/jw==' \&lt;/P&gt;&lt;P&gt;&amp;nbsp; --header 'content-type: application/json' \&lt;/P&gt;&lt;P&gt;&amp;nbsp; --cookie JSESSIONID=51A9140CD5C6590958C0295E6A8B4263 \&lt;/P&gt;&lt;P&gt;&amp;nbsp; --data '{&lt;/P&gt;&lt;P&gt;&amp;nbsp; "acceptCert" : true,&lt;/P&gt;&lt;P&gt;&amp;nbsp; "enabled": true,&lt;/P&gt;&lt;P&gt;&amp;nbsp; "hostname": "&amp;lt;vidm-fqdn&amp;gt;",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "port": "443",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "tenant": "vsphere.local",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "redirectURL": "&amp;lt;li-vip&amp;gt;",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "username": "admin@vsphere.local",&lt;/P&gt;&lt;P&gt;&amp;nbsp; "password": "&amp;lt;password&amp;gt;"&lt;/P&gt;&lt;P&gt;}'&lt;/P&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;And the response I'm getting from the API is:&lt;/P&gt;&lt;PRE __default_attr="java" __jive_macro_name="code" class="jive_macro_code jive_text_macro _jivemacro_uid_15150916728259101" data-renderedposition="552_8_1131_112" jivemacro_uid="_15150916728259101"&gt;&lt;P&gt;{&lt;/P&gt;&lt;P&gt;"errorMessage": "VMware Identity Manager provided custom CA certificate. Unable to make SSL connection.",&lt;/P&gt;&lt;P&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; "errorCode": "VIDM_ERROR",&lt;/P&gt;&lt;P&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; "errorDetails": {&lt;/P&gt;&lt;P&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; "errorCode": "com.vmware.loginsight.api.providers.vidm.custom_ca_certificate"&lt;/P&gt;&lt;P&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; }&lt;/P&gt;&lt;P&gt;}&lt;/P&gt;&lt;/PRE&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Anybody have any ideas why it would work in the UI (where I can review the SSL cert and accept), but not via the API? Is there something possibly missing from the API docs around a query parameter to force acceptance of the cert? I'd think the "acceptCert" parameter would do that in the JSON body, but well.........&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Thu, 04 Jan 2018 18:49:06 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations-for-Logs/Configuring-vIDM-via-API/m-p/482619#M299</guid>
      <dc:creator>stvkpln</dc:creator>
      <dc:date>2018-01-04T18:49:06Z</dc:date>
    </item>
  </channel>
</rss>

