NAPP failed to pick up NSX API/CLUSTER certificates containing private keys

Article ID: 393639

Updated On:

Products

VMware vDefend Firewall
VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

When you import new NSX MGMT_CLUSTER and API certificates whose PEM contains both the private key and the public key chain, and use them to replace the existing certificates, NSX and NAPP lose their connection and the NAPP UI stops working.

Environment

All NAPP 4.2 and prior versions.

Cause

NAPP cannot parse the extra private key in the certificate PEM and fails to import the certificate into the NAPP trust-manager. As a result, after the MGMT_CLUSTER and/or API certificate is replaced with such a certificate, the connection between NSX and NAPP is lost because NAPP no longer trusts the NSX certificates.

To verify, export the MGMT_CLUSTER certificate from the NSX Manager and visually inspect the certificate chain. If the PEM encoding includes strings such as "-----BEGIN RSA PRIVATE KEY-----" or "-----BEGIN PRIVATE KEY-----", the issue is confirmed.
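The inspection described above can also be scripted. The following is an added example, not Broadcom's code: it lists every PEM block in an exported chain and flags private-key blocks. It assumes any label ending in "PRIVATE KEY" should be flagged, which goes beyond the two strings named above, and its sample PEM data is constructed with dummy bodies.

```python
import re
import sys

# A PEM block starts with a line of the form -----BEGIN <LABEL>-----
BEGIN_LINE = re.compile(r"^-----BEGIN ([A-Z0-9 ]+)-----$")


def pem_blocks(pem_text):
    """Return (line_number, label) for every PEM BEGIN line, in file order."""
    found = []
    for number, line in enumerate(pem_text.splitlines(), start=1):
        match = BEGIN_LINE.match(line.strip())
        if match:
            found.append((number, match.group(1)))
    return found


def check_exported_chain(pem_text):
    """Summarise an exported chain and flag any private-key blocks in it."""
    blocks = pem_blocks(pem_text)
    # Assumption: any label ending in "PRIVATE KEY" counts, which covers the
    # two strings named in the article plus EC and encrypted PKCS#8 keys.
    keys = [(n, label) for n, label in blocks if label.endswith("PRIVATE KEY")]
    certs = sum(1 for _, label in blocks if label == "CERTIFICATE")
    return {"certificates": certs, "private_key_blocks": keys, "affected": bool(keys)}


def make_block(label, body="Q09OU1RSVUNURUQ="):
    """Build a constructed PEM block with a dummy body (not real key material)."""
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"


# Constructed samples: a two-certificate chain with and without a trailing key.
SAMPLE_CLEAN = make_block("CERTIFICATE") + make_block("CERTIFICATE")
SAMPLE_WITH_KEY = SAMPLE_CLEAN + make_block("RSA PRIVATE KEY")

if __name__ == "__main__":
    # Pass the exported PEM file as the first argument; defaults to the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as handle:
            text = handle.read()
    else:
        text = SAMPLE_WITH_KEY
    result = check_exported_chain(text)
    print(f"certificates found: {result['certificates']}")
    for number, label in result["private_key_blocks"]:
        print(f"line {number}: BEGIN {label} block present in exported chain")
    print("issue confirmed" if result["affected"] else "no private key in chain")
    sys.exit(1 if result["affected"] else 0)
```

The script exits with status 1 when a private-key block is present, so it can gate a certificate replacement in a change procedure.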

Resolution

Please contact Broadcom support for help to resolve the issue.