Currently, I have a different certificate (different common name) for 2 IDM vApps (already installed in vApp), using a different "localhost.key":
- ***.IDM.COM for vapp1
- YYY.IDM.COM for vapp2

I have also implemented a new VIP URL for both vApps, ZZZ.IDM.COM (using a load balancer). End users can access IDM at the URL "ZZZ.IDM.COM".

Then:
1. I generated the 2 .csr files for the security team.
2. The security team generated only one certificate back, for "zzz.idm.com", to apply in both IDM vApps.
3. I applied this certificate in both vApps and restarted IDM. I tried to access the IDM URL, but it works for IDM1 only.

My question is: why does the IDM2 browser always say "CN is invalid"? What step am I missing? The security team said they can generate only one certificate for 1 name. Can anyone suggest something?
Have you considered applying the certificate on the Load Balancer machine instead?
No, I haven't tried.
Since the security team only generated one cert, and it works on vApp1, this means that they only certified the key-pair from vApp1.
I would copy the localhost.key and new localhost.crt from the security team from vApp1 across to vApp2 (back up originals first) and then restart IDM on vApp2.
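One way to confirm which vApp's key pair the issued certificate belongs to, as an added example that is not part of the original thread: it compares the public key inside the certificate with the one derived from each private key. The file names vapp1.key, vapp2.key and zzz.crt, the function names, and the self-signed certificate standing in for the security team's certificate are constructed for illustration; it assumes openssl is on the PATH.

```shell
#!/bin/sh
# Added example: does a certificate belong to a given private key?

cert_matches_key() {
    # $1 = certificate (PEM), $2 = private key (PEM, unencrypted)
    # Returns 0 on match, 1 on mismatch, 2 if either file cannot be parsed.
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$2" -passin pass: -pubout 2>/dev/null) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

make_demo_files() {
    # Constructed sample data: one key pair per vApp, and a single
    # self-signed certificate created from vapp1's key only (assumption:
    # this mirrors only one of the two CSRs having been signed).
    d=$1
    openssl genrsa -out "$d/vapp1.key" 2048 2>/dev/null &&
    openssl genrsa -out "$d/vapp2.key" 2048 2>/dev/null &&
    openssl req -new -x509 -key "$d/vapp1.key" -subj "/CN=zzz.idm.com" \
        -days 1 -out "$d/zzz.crt" 2>/dev/null
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_demo_files "$tmp" || { rm -rf "$tmp"; return 1; }
    for k in vapp1 vapp2; do
        if cert_matches_key "$tmp/zzz.crt" "$tmp/$k.key"; then
            echo "$k.key: certificate matches this key"
        else
            echo "$k.key: certificate was NOT issued for this key"
        fi
    done
    rm -rf "$tmp"
}

# With two arguments, check real files: sh check.sh localhost.crt localhost.key
if [ $# -eq 2 ]; then
    if cert_matches_key "$1" "$2"; then echo "match"; else echo "no match"; fi
else
    demo
fi
```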
I did as you suggested. Currently, it works properly. Users can access the IDM URL "ZZZ.IDM.COM" by using the FQDN of the VIP.
Thank you so much.