Virtual apps validation failed - Unable to get ser...

EdgarasB · ‎03-18-2021

Hi,

Anyone has ideas why this FDQN is generated when validating virtual apps?

I am trying to configure Virtual apps collections using horizon 8 that is behind reverse proxy. But validation fails and it asks for certificate for FDQN that I did not setup anywhere: Horizon-External.domain.com

This FDQN is not mentioned anywhere.

Horizon connector can be accessed by public address: horizon.domain.com

Horizon server local FDQN: Horizon-External.domain.local

Reverse proxy is: nginx

Connection Server Settings:

HTTP(s) Secure Tunnel is: horizon.domain.com:433

reverse proxy is set up translate horizon.domain.com address to Horizon-External.domain.local

Reverse proxy uses *.domain.com certificate, that is used for both identity manager connector & Workspace one

server {
listen 443 ssl;
listen [::]:443 ssl;
server_name horizon.domain.com;

location / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://Horizon-External.domain.local:443/;
}
}

BradenKing · ‎10-24-2021

Did you ever figure out why the rogue FQDN was needing certificate validation? I'm seeing a bit of the same thing: I type in horizon-cs-01.domain.net for the connection, and when I try to save, it errors with "Virtual apps validation failed - Unable to get server SSL certificate horizoncs1.domain.net". Granted, the "horizoncs1" was a previous connection server's name, but its actual FQDN would have been horizoncs1.domain.internal and is no longer in the deployment.

dvdende · ‎12-23-2021

@BradenKing Do you maybe have a Cloud pod? If so try this https://kb.vmware.com/s/article/1010153 and see if the old connection server is still mentioned and if so remove it.

All

Virtual apps validation failed - Unable to get server SSL certificate Horizon-External.domain.com

Workspace ONE Identity and Access Management