The root CA for my public certificate on vIDM expired, I've updated the chain on my load balancer and vIDM appliances.
NSX-T looks to already have the new root CA as it isn't knew, the company just switched from one root to another and the original root expired.
Now vIDM no longer works and I edited /etc/ca-certificate.conf and deselected the old root CA and after running curl vIDM URL I no longer get a certificate error but in NSX-T I do, i rebooted all 3 nodes and that didn't help.
Hoping someone can point me to a KB or blog that might resolve the issue, thanks.
Figured it out, I had replaced the certificate chain on vIDM but forgot to do the same on the load balancer so it was sending the wrong chain to NSX.
Figured it out, I had replaced the certificate chain on vIDM but forgot to do the same on the load balancer so it was sending the wrong chain to NSX.