VMware Cloud Community
stvkpln
Virtuoso
Virtuoso

Configuring vIDM via API

I've been working through creating workflows of what I'm going to call "routine configurations" that a person does when standing up a new Log Insight instance/cluster (tested on 4.5.1), but when I try and go and create the API call to establish vIDM configuration... the API is returning an error related to the self-signed certificate from vIDM.... which is, to put it mildly, highly annoying. My request looks like this (sanitized):

`

curl --request POST \

  --url https://<li-host>:9543/api/v1/vidm \

  --header 'authorization: Bearer SEUrE+BeXqIOGWE7Mzwza+WC8VD0yzojqHg6NTcy42UOB2NqLa2NI9ROHIQulAX1H93HH4K92neE7XLBYm4cNcxGkzJnA2V6Wpwx93bGslkM7FNBXCkZfAV/JpRkUxEvWmx98kxxZczsu5g6xiruID2jzbAwrPnF9ap5xDCIcaxyvX495uH0n7pYFp6wFGuOgi0gqfd2+BbXRtJe2A2/qisazkWsNrp7mJ7SDkw1OVSGruuAokH65QRPAjdN8c//vomgTRGS4WBzCkkT+Sl/jw==' \

  --header 'content-type: application/json' \

  --cookie JSESSIONID=51A9140CD5C6590958C0295E6A8B4263 \

  --data '{

  "acceptCert" : true,

  "enabled": true,

  "hostname": "<vidm-fqdn>",

  "port": "443",

  "tenant": "vsphere.local",

  "redirectURL": "<li-vip>",

  "username": "admin@vsphere.local",

  "password": "<password>"

}'

And the response I'm getting from the API is:

{

"errorMessage": "VMware Identity Manager provided custom CA certificate. Unable to make SSL connection.",

     "errorCode": "VIDM_ERROR",

     "errorDetails": {

          "errorCode": "com.vmware.loginsight.api.providers.vidm.custom_ca_certificate"

     }

}

Anybody have any ideas why it would work in the UI (where I can review the SSL cert and accept), but not via the API? Is there something possibly missing from the API docs around a query parameter to force acceptance of the cert? I'd think the "acceptCert" parameter would do that in the JSON body, but well.........

-Steve
Labels (1)
Reply
0 Kudos
0 Replies