This article provides steps to configure Windows installed Platform Services Controller (PSC) 6.7 High Availability with SSL termination.

To configure the PSCs for load balancing, run the updateSSOConfig.py and updateLsEndpoint.py scripts.

Notes:

• The updateSSOConfig.py script updates information local to each PSC and must be ran on all PSCs in the HA instance.
• The updateLsEndpoint.py script updates the ServiceRegistration Endpoints in VMDir and only needs to be ran on one of the PSCs in the HA instance.

Running the updateSSOConfig.py script:

1. Connect to the PSC with an administrative user.
2. Open an elevated privilege command prompt.
3. Navigate to C:\Program Files\VMware\vCenter Server\vmware-sso\bin with this command:
   
   cd "C:\Program Files\VMware\vCenter Server\vmware-sso\bin"

4. Run this command:
   
   "%VMWARE_PYTHON_BIN%"\python updateSSOConfig.py --lb-fqdn=psc-ha-vip
   
   Example
   
   "%VMWARE_PYTHON_BIN%"python updateSSOConfig.py --lb-fqdn=loadbalancer.example.com 

5. Repeat these steps on any remaining PSCs.

Running the updateLsEndpoint.py script

1. Connect to the PSC with an administrative user.
2. Open an elevated privilege command prompt.
3. Navigate to C:\Program Files\VMware\vCenter Server\vmware-sso\bin with this command:
   
   cd "C:\Program Files\VMware\vCenter Server\vmware-sso\bin"

4. From the load balancer console, download the certificate used to configure the PSC nodes to the load balancer, onto the PSC machine. Provide the absolute path of this certificate to the –lb-cert parameter in the next step.
5. Run this command:
   
   "%VMWARE_PYTHON_BIN%"python UpdateLsEndpoint.py --upgrade --lb-fqdn=PSC_HA_VIP_FQDN --user=administrative_user --password=password --lb-cert=Absolute_path_of_the_load_balancer_certificate
   
   Example
   
   "%VMWARE_PYTHON_BIN%"python UpdateLsEndpoint.py --upgrade --lb-fqdn=psc-ha-vip.example.com [email protected] --password=VMware123$ --lb-cert=C:\certs\lb.crt
   
   Note: Only perform this step on a single PSC node.