VIDM certificate replacement from Aria Suite Lifecycle fails with error: LCMVIDM71092

Article ID: 377461

Products

VMware Aria Suite

Issue/Introduction

  • This issue occurs when you try to replace the certificate on a VIDM that is using a custom certificate.
  • The issue is not resolved even after following KB 322710.
  • Certificate replacement on VMware Identity Manager fails with Error Code: LCMVIDM71092

Failed to trust load balancer's certificate. Ensure load balancer has proper root certificate or provide the root certificate chain as retry param 'vidmLBRootCertificateChain' and try again.

Unable to fetch root/intermediate CA certificates from the certificate chain provided. Failed to trust vIDM load balancer certificate. Retry by providing the root or intermediate CA certificate chain

  • The VIDM certificate shows as up to date; however, when you try to re-trust the VIDM with the load balancer, it fails with Error Code: LCMVIDM71092.

Environment

  • VMware Identity Manager 3.3.x
  • VMware Suite Lifecycle 8.x

Cause

  • When a custom certificate on VMware products expires, renewing the certificates via Aria Lifecycle Manager is not possible.
  • If the product is SSL terminated, you must manually replace the certificate and CA in the load balancer first, and only then change the VMware Identity Manager certificate.

Resolution

  • You must manually replace the certificate and CA in the load balancer first, then change the VMware Identity Manager certificate.
  • There is also a workaround if the certificate has already expired and you cannot re-trust it in LCM.

    • Ensure you have a valid snapshot/backup of the LCM appliance.
    • SSH to the LCM as root.
    • Access the LCM database:
      psql -U postgres -h localhost -d vrlcm
    • Update the vm_engine_property value to true:
      UPDATE vm_engine_property SET value='true' WHERE vmid='lcm.plugin.vidm.trust.loadbalancer.certificate.skip';
    • Retry the failed certificate replacement / re-trust load balancer request.
    • Once the certificate replacement request has completed, set the vm_engine_property value back to false:
      UPDATE vm_engine_property SET value='false' WHERE vmid='lcm.plugin.vidm.trust.loadbalancer.certificate.skip';
    • Exit the database:
      \q
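
One way to check a certificate chain before retrying the request or supplying it as 'vidmLBRootCertificateChain', given as an added example that is not part of the original article or of VMware's tooling. check_chain is a hypothetical helper name; it assumes openssl and awk are available and that the PEM bundle is ordered leaf first, and it is a general sanity check rather than LCM's own validation logic.

```shell
#!/usr/bin/env bash
# Added example: sanity-check a PEM bundle (leaf first, root last), e.g. one saved with
#   openssl s_client -connect <lb-fqdn>:443 -showcerts </dev/null > lb-chain.pem
# (<lb-fqdn> is a placeholder). Prints a summary line; exit status 0 means the
# bundle is non-empty, unexpired, correctly ordered and contains a root.
check_chain() {
  local bundle="$1" dir certs=0 expired=0 root=0 ordered=1 prev_issuer="" f subj iss
  dir=$(mktemp -d) || return 2
  # Split the bundle into one file per certificate, ignoring text between blocks.
  awk -v d="$dir" '
    /-----BEGIN CERTIFICATE-----/ { n++; f = sprintf("%s/%03d.pem", d, n); inside = 1 }
    inside { print > f }
    /-----END CERTIFICATE-----/   { inside = 0; close(f) }' "$bundle"
  for f in "$dir"/*.pem; do
    [ -e "$f" ] || break                       # bundle contained no certificates
    # Name hashes let us compare subject and issuer without parsing DN strings.
    subj=$(openssl x509 -in "$f" -noout -subject_hash) || { rm -rf "$dir"; return 2; }
    iss=$(openssl x509 -in "$f" -noout -issuer_hash)
    certs=$((certs + 1))
    # -checkend 0 exits non-zero when notAfter is already in the past.
    openssl x509 -in "$f" -noout -checkend 0 >/dev/null || expired=$((expired + 1))
    # Self-issued (subject name == issuer name) marks a root CA certificate.
    if [ "$subj" = "$iss" ]; then root=1; fi
    # Each certificate must be issued by the one that follows it in the bundle.
    if [ -n "$prev_issuer" ] && [ "$prev_issuer" != "$subj" ]; then ordered=0; fi
    prev_issuer=$iss
  done
  rm -rf "$dir"
  echo "certs=$certs expired=$expired root=$root ordered=$ordered"
  [ "$certs" -gt 0 ] && [ "$expired" -eq 0 ] && [ "$root" -eq 1 ] && [ "$ordered" -eq 1 ]
}
```

A result of root=0 means the bundle holds no self-issued CA certificate, and expired greater than 0 means at least one certificate in it is past its notAfter date.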