UI elements are blank in VMware Identity Manager with PKIX path validation failed error

Article ID: 421128

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

You are able to successfully log in to the VMware Identity Manager (vIDM) console, but the UI elements appear blank. The navigation menus (such as Dashboard, Users & Groups, Catalog, Identity & Access Management, Appliance Settings, and Roles) are visible, but clicking on them does not load any data.

The /var/log/vrlcm/vrlcm.log file contains a 500 error indicating a PKIX path validation failed exception during directory sync or connection attempts:

367135452025-12-02T16:11:09.770Z INFO vrlcm[1275] [pool-3-thread-3] [c.v.v.l.v.d.r.c.VidmRestClient]  -- API Response Status : 500 Response Message : {"errors":[{"code":"fail.response.from.connector","message":"Failed to get response from connector.","parameters":{"response":"PKIX path validation failed: java.security.cert.CertPathValidatorException: Could not validate certificate: certificate expired on 20251119201346GMT+00:00","responseCode":"503"}}]}

Note: The symptoms of this issue are similar to those described in Knowledge Article 375863. However, this article applies specifically if:

  1. You can successfully access the appliance configuration page on port 8443 (https://<vIDM-FQDN>:8443).

  2. The appliance certificates themselves are valid and not expired.
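A triage helper for the vrlcm.log symptom above, added here as an example and not VMware tooling: it scans log text for VidmRestClient responses that carry a PKIX path validation failure and reports the connector status and the certificate expiry time named in the message. The function name `find_pkix_failures` is hypothetical; the first sample line is the entry quoted in this article and the second is constructed.

```python
import json
import re
from datetime import datetime, timezone

# First line is the entry quoted in this article; the second is constructed.
SAMPLE_LOG = r'''367135452025-12-02T16:11:09.770Z INFO vrlcm[1275] [pool-3-thread-3] [c.v.v.l.v.d.r.c.VidmRestClient]  -- API Response Status : 500 Response Message : {"errors":[{"code":"fail.response.from.connector","message":"Failed to get response from connector.","parameters":{"response":"PKIX path validation failed: java.security.cert.CertPathValidatorException: Could not validate certificate: certificate expired on 20251119201346GMT+00:00","responseCode":"503"}}]}
2025-12-02T16:11:10.001Z INFO vrlcm[1275] [pool-3-thread-3] [c.v.v.l.v.d.r.c.VidmRestClient]  -- API Response Status : 200 Response Message : {"items":[]}
'''

# Timestamp, HTTP status and JSON body of one "API Response Status" entry.
ENTRY_RE = re.compile(
    r'(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3})Z\s.*?'
    r'API Response Status : (\d{3}) Response Message : (\{.*\})\s*$')
EXPIRY_RE = re.compile(r'certificate expired on (\d{14})GMT([+-]\d{2}):(\d{2})')

def find_pkix_failures(log_text):
    """Return one dict per PKIX path validation failure found in log_text."""
    findings = []
    for line in log_text.splitlines():
        entry = ENTRY_RE.search(line)
        if not entry:
            continue
        try:
            body = json.loads(entry.group(3))
        except json.JSONDecodeError:
            continue  # truncated or non-JSON response body
        logged_at = datetime.strptime(
            entry.group(1), "%Y-%m-%dT%H:%M:%S.%f").replace(tzinfo=timezone.utc)
        for err in body.get("errors", []):
            params = err.get("parameters", {})
            response = params.get("response", "")
            if "PKIX path validation failed" not in response:
                continue
            finding = {"logged_at": logged_at, "http_status": entry.group(2),
                       "code": err.get("code"),
                       "connector_status": params.get("responseCode"),
                       "expired_at": None, "days_since_expiry": None}
            exp = EXPIRY_RE.search(response)
            if exp:  # Java prints yyyyMMddHHmmss followed by GMT+hh:mm
                finding["expired_at"] = datetime.strptime(
                    "".join(exp.groups()), "%Y%m%d%H%M%S%z")
                finding["days_since_expiry"] = (
                    logged_at - finding["expired_at"]).days
            findings.append(finding)
    return findings

if __name__ == "__main__":
    for item in find_pkix_failures(SAMPLE_LOG):
        print(item)
```

The reported expiry time can be compared against the validity dates of the certificates collected for the Trusted CAs step to see which certificate in the chain the connector rejected.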

Environment

VMware Identity Manager 3.3.x

Cause

This issue is caused by missing Certificate Authority (CA) certificates in the VMware Identity Manager trusted CA store.

Unlike the scenario where the appliance's own certificate is expired (causing the browser to refuse the connection), this error occurs because the vIDM backend connector cannot validate the certificate chain presented by the Active Directory server during secure LDAP (LDAPS) connections. The "certificate expired" message in the log is a secondary symptom of the trust failure preventing the validation of the chain.

Resolution

To resolve this issue, you must add the Root and Intermediate CA certificates for your Active Directory Domain Controllers to the VMware Identity Manager trusted CA store.

  1. Obtain the Root and Intermediate CA certificates associated with your Active Directory Domain Controllers.

  2. Navigate to the VMware Identity Manager appliance configuration console at https://<vIDM-FQDN>:8443.

  3. Log in with the admin user credentials.

  4. Navigate to Manage Configuration > Install SSL certificates > Trusted CAs.

  5. Copy the contents of your Root or Intermediate CA certificate and paste them into the text box, or upload the file.

  6. Click Add.

  7. Repeat these steps for any additional intermediate certificates required to complete the chain of trust.

Additional Information

For issues where the appliance certificate itself is expired (often indicated by browser warnings or an inaccessible 8443 console), please refer to: VMware Identity Manager UI is failing to load with error "400 Bad Request" (375863).