(CSA) Support Tip: MPP to CSA/IDM communication via load balancer in HCM.08
Reviewing the MPP container, in mpp.json the 'strictSSL' attribute is set to 'true' in the 'provider' section so the 'ca' attribute would need to point to e.g. the LB certificate itself. In any case, if it is not the right certificate(s), secure communication between MPP and CSA via LB would fail. As we could not find a corresponding attribute in the YAML file controlling the 'strictSSL' value, we were searching for attributes in the YAML file that determine the value of the 'ca' attributes (in the 'provider' and also the 'idmProvider' sections in mpp.json), they are:
this maps to the 'ca' attribute in 'provider'
this maps to the 'ca' attribute in 'idmProvider'
So in our situation, we had to ensure the values of the above properties in the MPP YAML file were the path to the LB certificate in NFS.