Renew or replace the self-signed SSL certificates assigned to various components of NSX version 4.2 and later through the GUI interface Only.
search cancel

Renew or replace the self-signed SSL certificates assigned to various components of NSX version 4.2 and later through the GUI interface Only.

book

Article ID: 376246

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

NSX Certificate Management introduces operational ease via NSX's revamped certificate management capabilities: certificate replacement (single or multiple), renewal of certificates, automatic notifications for expiring certificates, revamped user experience and much more available in the NSX UI. 

Environment

VMware NSX Version 4.2 and later 

Resolution

The following process/steps apply to all NSX components; the example provided below is specific to the Local Manager.

Note: For demo purposes, I'm simply replacing a valid certificate. So you could make a note of the ID for reference.

Click on the "More Options icon" and select Replace Certificate.

This should prompt a pop-up window as shown below. If the 'Auto-Generate new self-signed certificate' option isn't already selected, choose it from the drop-down menu.

While the task is in progress, you should temporarily see two certificates with the same name: one categorized as 'Miscellaneous' and the other as 'Appliance'. You will observe the same behavior if you use the 'Generate Self-Signed Certificates' method. Please note that this is an alternative method to the one we are currently using.

Once you receive the notification stating 'Certificate Replacement Operation Completed,' you should see that there is only one certificate listed, categorized as 'Appliance,' as shown below.

Please note the ID here to ensure that this is not the same certificate we began replacing, as shown in the first screenshot.

Additional Information