NSX certificate replacement fails with private key missing error
search cancel

NSX certificate replacement fails with private key missing error

book

Article ID: 428615

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

CSR generated from NSX manager.

CSR generated from NSX manager UI System > Certificate > CSR > Generate CA CSR option.

You may also see the following error while trying to import the certificate from NSX UI > System >Certificate > Import Certificate for CSR.

Environment

VMware NSX

Cause

CSR for this certificate is generated from NSX UI using Generate CA CSR option and NSX doesn't store a private key for certificate for CA CSR

Resolution

If you use the NSX UI/API to generate the CSR: You do not need private key. NSX generates it internally and stores it securely.

For a CA signed certificate with CSR generated from NSX UI, use Generate CSR option instead of Generate CA CSR

Additional Information

Replace NSX Manager Certificates Using CA-Signed Certificates in NSX 4.x

Replace Certificates Through NSX Manager

Powered by Wolken Software