Alarm for Certificate Expired is seen in the NSX-T UI
search cancel

Alarm for Certificate Expired is seen in the NSX-T UI


Article ID: 345870


Updated On:


VMware NSX Networking


An Alarm is seen in the NSX-T UI citing that a certificate is expired. The Alarm resembles the screenshot below:


In the Syslog (var/log/syslog) of an NSX T Manager, one can also find an correlated error resembling that of below:
2022-01-17T10:06:09.706Z manager1 NSX 5443 MONITORING [nsx@6876 alarmId="<UUID>" alarmState="OPEN" comp="nsx-manager" entId="<UUID>" errorCode="MP701099" eventFeatureName="certificates" eventSev="CRITICAL" eventState="On" eventType="certificate_expired" level="FATAL" nodeId="<UUID>" subcomp="monitoring"] Certificate <UUID> has expired.

Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.


VMware NSX-T Data Center 3.x
VMware NSX-T Data Center


A certificate in the NSX-T Manager trust store has reached its expiration date.


Ensure services that are currently using the certificate are updated to use a new, non-expired certificate. Once the expired certificate is no longer in use, it should be deleted by utilizing the User Interface or invoking the DELETE /api/v1/trust-management/certificates/<certificate-id> or /policy/api/v1/trust-management/certificates/<certificate-id> NSX API.

If the expired certificate is used by NAPP Platform, the connection may be broken between NSX-T and NAPP Platform. Please check the NAPP Platform troubleshooting document for guidance on use a self-signed NAPP CA certificate for recovering the connection, found here: