VMware recommends certifying all web interfaces on VMware Identity Manager
Option 1:Replace the self-signed certificates with a public CA signed certificate that contains the fully qualified domain name of the VA hostname in the Subject Alternative Name field.
If you are presented with HSTS warnings within your client browser when accessing any web interface, it is recommended to secure the virtual appliances with publicly trusted certificates. Several public CAs offer free automatically renewable certificates.
To bypass this warning type
thisisunsafe anywhere in the warning page of Edge or Chrome. This should allow the web interface to load.
This will then allow you the ability to update the certificates utilizing the standard process :
Updating Certificates for vIDM services (2961623)See
Installing an SSL Certificate for the VMware Identity Manager Service for additional data.
Option 2: Turn off the HSTS settings on the browser temporarily.
Note: This solution is meant to work for Chrome browsers. Each browser has own method to turn off the HSTS feature. Note, this should be considered a temporary solution with Option 1 as the primary fix.
Chrome:
- Open a Chrome browser.
- Type chrome://net-internals/#hsts in the address bar of the browser and press Enter.
- Under the Delete domain enter the FQDN of the appliance.
- Click Delete.