NSX Manager – Replacing the SSL Certificate
Applying a new SSL certificate to your NSX Manager really couldn’t be easier and, as the NSX Manager is part of a wider, security orientated product, we might as well do things properly and apply one!
First of all, and if already not in place, we’ll need to create a new Microsoft CA Template for SSL in vSphere. To do this, please take a look at VMware KB article 2112009. The procedure itself is a simple one, and I make reference below to a vSphere 6.x SSL certificate template, so it’s worth pointing out. This template was created using the aforementioned VMware KB.
To replace the NSX Manager SSL certificate, and to cert against your CA of choice, simply follow the below process.
17. Combine the certificate chain (nsxmanager.cer and root.cer) via the below command prompt:
copy nsxmanager.cer + root.cer nsxmanagerchain.cer
20. When requested, reboot your NSX Manager.
In a nutshell, applying an SSL cert the NSX Manager appliance couldn’t be easier and, as this is a security device, it isn’t a bad idea to fully secure it.