VMware Aria

 View Only

 VMware Identity Manager (vIDM) Error Domain Login Page /hc/error

Jump to  Best Answer
jrhaakenson's profile image
jrhaakenson posted Sep 17, 2025 01:46 PM

I recently upgraded my vIDM to CSP-97577 on version 3.3.7. After a ton of fixing issues with the patch, I've got it to a point where all services are running and all status reports in the UI console are green. Domain connectivity is green. Syncing to the domain works fine, no issues. However, the one thing still not working is my domain login page. When I select the domain for login it brings me to the page in the attached screenshot stating 'Error See logs for details'. The address bar contains https://<FQDN_of_IDM>/hc/error/

vIDM Domain Login Error
I've tried restoring various versions of the config-state.json file located in /usr/local/horizon/conf/states/<TENANT_NAME>/<WORKER_ID> but to no avail. If everything is reporting green and domain connectivity is working correctly, why can I not get to my domain login page?
jrhaakenson's profile image
jrhaakenson posted Sep 17, 2025 04:20 PM  Best Answer

I have resolved my issue. The issue was indeed the config-state.json file located in /usr/local/horizon/conf/states/<TENANT_NAME>/<WORKER_ID>  I had a working VM snapshot of the vIDM appliance prior to the CSP-97577 patch upgrade. I reverted the snapshot and obtained the config-state.json file from the working appliance prior to the upgrade. I then reverted the snapshot back to my upgraded vIDM appliance mentioned in the OP. I replaced the config-state.json file on the upgraded vIDM with the .json file from prior to the upgrade, BUT IT STILL DIDN'T WORK. So I did a stare and compare of the two .json files and determined the section of code for the idp (identity provider) on the upgraded .json was missing the information from the working .json. I copied and pasted ONLY the section of code under the idp section from the working .json to the upgraded .json and I am now once again able to access the domain login page and login. It looks like the upgraded .json was missing certificate information (to include the cert string and private key string under the idp section as well as a few other items of code. The idp section of the working .json file that was used to replace the upgraded .json file was:

     "idp" : {

        "isConfigured" : true,

        "host" : "<FQDN_of_vIDM_Node>:443",

        "tenantId" : "<TENANT ID>",

        "id" : 53,

        "name" : "<idp name>",

        "cert" :

"<CERT STRING>",

        "key" :

"<PRIVATE STRING>"

        }

Some other useful links for successfully installing the CSP-97577 patch on vIDM 3.3.7 are below:

https://knowledge.broadcom.com/external/article/406308/known-issues-after-applying-vidm-csp9757.html

https://knowledge.broadcom.com/external/article/322679

https://knowledge.broadcom.com/external/article/315176/vmware-identity-manager-vidm-wsa-servic.html

https://knowledge.broadcom.com/external/article/394695/rabbitmq-service-fails-to-start-on-vidm.html

I had to use all of these articles to fix multiple issues following the CSP-97577 patch upgrade (and probably a few other items I'm forgetting as well). This patch took me a good 3.5 days of work to finally get installed and working. The folks at Broadcom/VMware sure know how to release a working patch for their appliances eh? For the record this is a terrible way to release a patch when you have to also release a support article detailing no less than 6 issues identified with the patch after you release it. Get it together Broadcom!