How to update NSX Manager CA Certificate for TKGI product
search cancel

How to update NSX Manager CA Certificate for TKGI product

book

Article ID: 308609

calendar_today

Updated On:

Products

VMware NSX VMware Tanzu Kubernetes Grid Integrated (TKGi)

Issue/Introduction

NSX Manager CA Certificate is about to expire and needs to be updated for TKGI product

Environment

VMware Tanzu Kubernetes Grid Integrated Edition 1.x
VMware NSX

Resolution

This CA certificate can be updated in Ops Manager UI.

  1. Get the new NSX-T CA certificate from NSX Manager.
    For more information about certificates in NSX: NSX Administration Guide / Certificates
  2. Confirm the NSX server certificate is signed by this new CA.
  3. Copy the CA into below text box.
  4. Apply Change against TKGI tile and select the Upgrade all cluster errand.

Additional Information

The NSX Manager CA certificate is used to authenticate with the NSX Manager. The process requires creating an IP-based, self-signed certificate and register it with the NSX Manager. During TKGI installation on vSphere with NSX, this certificate must be provided in the NSX Manager CA Cert field in the Networking pane in the TKGI tile.