VMware Workspace ONE Community
VirtualSven
Hot Shot
Hot Shot
‎03-09-2015 09:05 AM
Jump to solution

Issue changing FQDN workspace 2.1

I have an issue changing the FQDN. I have one workspace appliance called "workspace-va01.domain.local" and I have a reverse proxy pointing to the local server with FQDN "workspace.domain.com". After deployment of the workspace portal, I want to change the FQDN of Horizon Workspace to the external address. Unfortunately I get the following error:

Error updating manager url on connector.

Updating IdP url on Connector...

Error updating IdP url on connector.

Updating workspace url in runtime config and restarting service...

The FQDN is correctly changed, but the manager url and the IdP url are not. When users want to login, they are redirected to the server address "workspace-va01.domain.local", which is not accessible externally of course. What am I doing wrong?

Sven Huisman VMware vExpert 2009-2016 Twitter: @svenh blog: svenhuisman.com
Reply
0 Kudos
1 Solution

Accepted Solutions
VirtualSven
Hot Shot
Hot Shot
‎03-10-2015 01:32 AM
Jump to solution

I figured it out. The problem was that I first replaced the certificate and then changed the FQDN. In the logfile I did see a couple of errors that the name of the workspace appliance was not in the certificate. I changed the certificate back to self-signed, then changed the FQDN to workspace.domain.com and then replaced the certificate. All is working well now!

Sven Huisman VMware vExpert 2009-2016 Twitter: @svenh blog: svenhuisman.com

View solution in original post

Reply
0 Kudos
5 Replies
pbjork
VMware Employee
VMware Employee
‎03-09-2015 09:14 AM
Jump to solution

Hard to say to be honest.. Workspace Portal 2.1 should by default hide the connector URL from users. There is a setting on the connector admin page to redirect users. Make sure that is not enabled.

Since you get Error updating IdP url on connector. Can it be because your VM is joined to the domain?

Reply
0 Kudos
VirtualSven
Hot Shot
Hot Shot
‎03-09-2015 12:15 PM
Jump to solution

The connector was joined to the domain, but I re-deployed the appliance and still get the error.

I've just tested from externally, and I get this error when trying to login:

Unable to read metadata from server

Sven Huisman VMware vExpert 2009-2016 Twitter: @svenh blog: svenhuisman.com
Reply
0 Kudos
pbjork
VMware Employee
VMware Employee
‎03-10-2015 12:52 AM
Jump to solution

Can you explain a little more about your setup?

What reverse proxy/load balancer do you use?

Are you using a publicly signed certificate?

Are you using split DNS? (i.e. internally Workspace FQDN points to a different IP than it resolves to externally)

Have you looked at this blog post? Workspace Portal - Trouble Changing the FQDN | Horizon Tech Blog - VMware Blogs

Reply
VirtualSven
Hot Shot
Hot Shot
‎03-10-2015 01:32 AM
Jump to solution

I figured it out. The problem was that I first replaced the certificate and then changed the FQDN. In the logfile I did see a couple of errors that the name of the workspace appliance was not in the certificate. I changed the certificate back to self-signed, then changed the FQDN to workspace.domain.com and then replaced the certificate. All is working well now!

Sven Huisman VMware vExpert 2009-2016 Twitter: @svenh blog: svenhuisman.com
Reply
0 Kudos
pbjork
VMware Employee
VMware Employee
‎03-10-2015 01:34 AM
Jump to solution

Glad it is all sorted..

Reply
0 Kudos