Replacing NSX-T Certificate with Custom Certificate
Replacing NSX-T Certificate with Custom Certificate. As part of best practice, it is always recommended to replace VMware self-signed Platform certificates with your organization's CA signed certificate. To do the same we need to create a Certificate Signing Request for the NSX Manager. NSX-T Data Center deployment install VMware self-signed certificated by default. The same can be checked by navigating to System > Certificates to view the platform certificates created by the system. By default, these are self-signed X.509 RSA 2048/SHA256 certificates for internal communication within NSX-T Data Center and for external authentication when NSX Manager is accessed using APIs or the UI. To replace the VMware self-signed certificate with the custom cert there are four main steps: 1). Generate CSR. 2). Request the certificate from Certificate Authority. 3). Import Certificate 4). Validate and Replace the certificate on eac