n8watcher
Contributor
Contributor

Deployment of vIDM Cluster fails because of strange LB certificate isse

Hi everybody,

I'm trying to deploy a vIDM Cluster within our new installed Lifecycle Manager but I've got problems with our F5 loadbalancer. Nodes are installed successfully but everytime when the process VMware Identity Manager trust Load Balancer certificate is reached I've got following error message:

error_vLCM.png

Error Code: LCMVIDM71092
 
Failed to trust load balancer's certificate. Ensure load balancer has proper root certificate or provide the root certificate chain as retry param 'vidmLBRootCertificateChain' and try again.
 
Unable to fetch root/intermediate CA certificates from the certificate chain provided. Failed to trust vIDM load balancer certificate. Retry by providing the root or intermediate CA certificate chain
 
 
It happens with a "normal", wildcard and also Lifecycle Manager created selfsigned certificate. Also when I first deploy a node and scale it up to a cluster I've got this error.
 
Someone also using F5 with a vIDM Cluster and could tell me the procedure?
 
Thanks in advance.
 
 

Reply
0 Kudos
bdamian
Expert
Expert

I had the same problem last month scaling vIDM with self-signed certificates and F5 as a Load Balancer.

1- Download the certificate from LCM: 
LCM > Locker > Certificates. Find the vIDM certificate and Download

bdamian_0-1689779563872.png

2- Go to the URL of the vIDM appliance and login as a local Administrator and go to the Administration Console

bdamian_1-1689779643085.png

3- Go to Appliance Settings tab and click on "Manage Configuration" (maybe you will be asked for password)

bdamian_2-1689779708576.png

4- Go to Install SSL Certificates, Trusted CAs tab and paste the content of the LCM certificate.

bdamian_3-1689779847622.png

5- Finally, go back to LCM and retry the Scale Up.

That works for me!

 

---
Damián Bacalov
vExpert 2017-2023 (7 years)
https://www.linkedin.com/in/damianbacalov/
https://tecnologiaimasd.blogspot.com/
twitter @bdamian
Tags (1)
Reply
0 Kudos