Playing around with Access Policies in VMware Identity Manager you can very easily lock yourself out.. Often you see a message similar to this one:
Luckily it is very easy to regain access. Simply type in /SAAS/login/0 at the end out your FQDN / Tenant address and you should be able to login using the System Domain and one of your local Admin accounts.
A while ago I wrote about Certificates and how to convert between different encodings (https://blogs.vmware.com/horizontech/2018/08/vmware-identity-manager-and-certificates.html). While the post was mainly for VMware Identity Manager customers many of VMware’s products make use of the same certificate basics.
Felix Block, @fligh_MUC, is a colleague of mine and he pointed out a couple Horizon Cloud specific requirements when it comes to certificates.. So here’s his notes on the topic.