Create a new Certificate and Reserve it solely for Local Manager.
Obtain the Site ID on the local manager, as root user:
cd /config/site-managerÂ
cat siteId -> this is the site ID for the local manager.
Then with the site ID and certificate ID for the new certificate, run the following API to reserve the new certificate for the Local manager site as root user:
curl -X POST -H "Content-Type: application/json" -H 'X-NSX-Username:admin' -d '{"service_type":"LOCAL_MANAGER","node_id":"<site-id>"}' "http://127.0.0.1:7440/nsxapi/api/v1/trust-management/certificates/<cert-id>?action=reserve"
Note: Please review the
Administration guide or further details on replacing a Federation certificate.