Recently I wanted to deploy a VMware Identity Manager 3.3.2 cluster with vRealize Lifecycle Manager 8.1. As a prerequisite I needed to prepare the vIDM Load Balancer. Unfortunately I was not able to find a complete overview on how to configure this with NSX-V 6.4.6. After some research and reaching out to others, I was able to find all the information I needed. This article reveals how I configured the NSX-V Load Balancer for the vIDM 3 node cluster.
Upload vdim certificate chain and the corresponding root CA certificates:
[vIDM Certificate Chain]
*In the field “Certificate Contents” add the entire certificate chain. Just like the below example.
—–BEGIN CERTIFICATE—–
[contents leaf certificate]
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
[contents root ca]
—–END CERTIFICATE—–
*In the field “Private Key” add the private key of the certificate in rsa format. Just like the below example.
—–BEGIN RSA PRIVATE KEY—–
[contents rsa private key]
—–END RSA PRIVATE KEY—–
Note: If your private key does not start with —–BEGIN RSA PRIVATE KEY—–, than you have to convert your private key first before NSX-V accepts your private key. You can do this for example with openssl. See my example below.
openssl rsa -in vidm-private-key.key -out vidm-private-rsa-key.key
[Corresponding Root CA]
Configure the Application Profile:
Application Profile Type: HTTPS End-To-End
Persistence: Cookie
Cookie Name: JSESSIONID
Mode: App Session
Expires in: 3600
Insert X-Forwarded-For HTTP header: Enable
Client Authentication: Ignore
Server Authentication: Enable
Configure the Service Monitor:
Interval: 5
Timeout: 10
Max Retries: 3
Type: HTTPS
Expected: 200
Method: GET
URL: /SAAS/API/1.0/REST/system/health/heartbeat
Configure the Pool:
Algorithm: ROUND-ROBIN
Monitor: VMware Identity Manager
Weight: 1
Monitor Port: 443
Port: 443
Configure the Virtual Server:
Virtual Server: Enable
Acceleration: Disable
Application Profile: VMware Identity Manager
Protocol: HTTPS
Port: 443
Default Pool: pool_vidm_443
Note: To enforce Layer 7 traffic, you need to disable Acceleration on the Virtual Server level.
That’s it… Now you can start deploying your vIDM cluster with vRLCM 8.1.
thank you for sharing and creating this content
Hola! I’ve been following your website for a long time now and finally got the bravery to go ahead and give you a shout out from Austin Texas! Just wanted to say keep up the fantastic job!
I抳e learn a few just right stuff here. Certainly value bookmarking for revisiting. I surprise how a lot attempt you set to make one of these magnificent informative web site.
I must convey my gratitude for your kindness supporting folks who need help on this one idea. Your real commitment to passing the solution all-around has been incredibly beneficial and have specifically made guys and women like me to attain their desired goals. Your new warm and helpful key points means this much a person like me and a whole lot more to my peers. Many thanks; from all of us.
Hi there, I found your web site by means of Google at the same time as looking for a related topic, your web site got here up, it appears great. I have bookmarked it in my google bookmarks.
Thank you A LOT 🙂
That’s amazing to find finally the simple working guide for that.