Users are unable to log in to VMware Identity Manager (vIDM) when accessing it through the load balancer (LB). Authentication attempts fail with a certificate-related error, while direct logins to each individual vIDM node succeed.
The following error message is displayed during login attempts:
PKIX path building failed: java.security.cert.CertPathBuilderException: No issuer certificate for certificate in certification path found.
VMware Identity Manager (vIDM) 3.3.x
To resolve the login issue encountered when accessing VMware Identity Manager (vIDM) through a load balancer, take the following actions:
Apply the Complete Certificate Chain on the Load Balancer:
Ensure that the SSL certificate deployed on the load balancer includes the complete certificate chain. This must consist of the server certificate, all necessary intermediate certificates, and the root certificate. An incomplete chain can prevent proper certificate validation, resulting in authentication failures.
Update the Intermediate Certificate on vIDM:
Check the intermediate certificate configuration on all vIDM nodes and update it if necessary to match the certificate chain used on the load balancer.
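Added example (not part of the original article or of VMware's tooling): a Python check over the "Certificate chain" section of `openssl s_client -connect <host>:443 -showcerts` output that names each issuer whose certificate the endpoint did not send, which is the condition behind the PKIX error above. The hostnames, CA names and sample outputs are constructed, and the function names are illustrative.

```python
import re

# Constructed samples of the "Certificate chain" section printed by
# `openssl s_client -showcerts`; names are made up. Compares DN strings only, no signature check.
LB_OUTPUT = """Certificate chain
 0 s:CN = vidm-lb.example.com
   i:CN = Example Issuing CA
---
"""
NODE_OUTPUT = """Certificate chain
 0 s:CN = vidm-node1.example.com
   i:CN = Example Issuing CA
 1 s:CN = Example Issuing CA
   i:CN = Example Root CA
 2 s:CN = Example Root CA
   i:CN = Example Root CA
---
"""
SUBJECT = re.compile(r"^\s*\d+\s+s:(.*)$")
ISSUER = re.compile(r"^\s+i:(.*)$")

def parse_chain(text):
    """Return [(subject, issuer), ...] in the order the server sent them."""
    chain, in_chain, subject = [], False, None
    for line in text.splitlines():
        if line.strip() == "Certificate chain":
            in_chain = True
        elif in_chain and line.startswith("---"):
            break
        elif in_chain and SUBJECT.match(line):
            subject = SUBJECT.match(line).group(1).strip()
        elif in_chain and subject is not None and ISSUER.match(line):
            chain.append((subject, ISSUER.match(line).group(1).strip()))
            subject = None
    return chain

def chain_gaps(chain):
    """Name each issuer whose certificate is absent; the last cert must be self-signed."""
    if not chain:
        return ["no certificates presented"]
    gaps = []
    for pos, (subject, issuer) in enumerate(chain):
        follower = chain[pos + 1][0] if pos + 1 < len(chain) else subject
        if issuer != follower:
            gaps.append(f"cert {pos} ({subject}): issuer '{issuer}' not in chain")
    return gaps

if __name__ == "__main__":
    print({n: chain_gaps(parse_chain(o)) for n, o in (("LB", LB_OUTPUT), ("node", NODE_OUTPUT))})
```

Running the same check against the load balancer address and against each vIDM node shows whether the chain served at the load balancer is shorter than the one the nodes serve.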