VMware Workspace ONE Access – Configure Appliance

Release date: November 15th 2021

Welcome to my VMware Workspace ONE Access series. In this session I will describe how I did my initial configuration of the Workspace ONE Access appliance, which includes the following:

  • Setting passwords for the admin, root and sshuser users
  • Configuring the database-connection

In addition I will configure the following settings:

  • SSL trust between the load balancer and the appliance
  • Setting the Workspace ONE Access FQDN
  • Time sync settings

Once the appliance is deployed, I power it up and open the VMRC. I open the URL as described in the Console below

The Workspace ONE Access Appliance Setup wizard launches, CONTINUE…

I set the passwords for system accounts in accordance with the password requirements, once done, CONTINUE…

Next i enter the JDBC URL, the database username and password. As I’m using the internal FQDN of my SQL server, this JDBC URL won’t work without a DNS resolution of this host name. I click Test Connection, once successful, CONTINUE…

Now that the setup is finished, I select Appliance Configurator to complete my additional settings

I will start out by establishing the SSL Trust between the Load Balancer and Workspace ONE Access. As described in the Official VMware documentation, Apply Workspace ONE Access Root Certificate to the Load Balancer, I need to copy the Workspace ONE Access root certificate to my HAProxy server.

I provide a SAN name and save the pem-file.

The content of my horizon_workspace_rootca.pem file

I copy the content of the horizon_workspace_rootca.pem file into HAProxy as shown below.

sudo nano /usr/local/share/ca-certificates/horizon_workspace_rootca.pem
sudo openssl x509 -outform der -in horizon_workspace_rootca.pem -out horizon_workspace_rootca.crt
sudo update-ca-certificates

I also need to add the Load Balancer (=HAProxy)’s root certificate to the Workspace ONE Access appliance, as described in VMware’s documentation here: Apply Load Balancer Root Certificate to Workspace ONE Access

Once the services are up and running, I change the Workspace ONE Access FQDN to my public host name

I also adjust the NTP settings to guarantee the correct time on the Workspace ONE Access appliance, which is critical for operations and synchronizations, Save…

With that, the configuration of the Workspace One Access appliance is complete. I’m now ready to set up a connector in order to connect both Active Directory av Virtual Apps, which I have described here: VMware Workspace ONE Access – Set up Connector

VMware Official documentation: Configure Workspace ONE Access Settings (v. 21.08)

Workspace ONE Access Product Page

VMware Workspace ONE Access Documentation

Disclaimer: Every tips/tricks/posting I have published here, is tried and tested in different it-solutions. It is not guaranteed to work everywhere, but is meant as a tip for other users out there. Remember, Google is your friend and don’t be afraid to steal with pride! Feel free to comment below as needed.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: