NSX certificate managed by SDDC expires
Article ID: 414409
Updated On:
Products
Issue/Introduction
When using NSX with SDDC, there are certificates created and managed by SDDC in NSX managers.
Typically, these certificates are for NSX manager appliances.
These certificates would appear as "CA signed with private key" in NSX UI. If these certificates expire, SDDC manager will show them as such and there might be issue with communication between SDDC manager to the NSX managers.
Environment
VMware NSX
VMware SDDC
Cause
CA signed certificates are managed by user manually, NSX does not renew these certificates automatically.
Resolution
To renew these expired CA signed certificate, user can reference to this guide: Replace Certificates Through NSX Manager
Once the certificates are renewed from NSX UI, the certificates will need to be added to trust store of SDDC Manager using Step 5.
Feedback
