Replace the default certificate of the first Global Manager node to establish a trusted connection with the management components in the SDDC. You use APIs for this procedure.


  1. In a web browser, log in to Global Manager at https://gm_vip_fqdn/.
  2. Retrieve the certificate ID.
    1. On the main navigation bar, click System > Certificates.
    2. Copy the certificate ID value and save it.
  3. Log in to the host that has access to your data center.
  4. Replace the default certificate on the first Global Manager node with the CA-signed certificate.
    1. Start the Postman application in your web browser and log in.
    2. On the Authorization tab, enter the following settings.
      Setting Value
      Type Select Basic Auth.
      User name Enter admin.
      Password Enter nsx_admin_password.
    3. Click Update request.
    4. On the Headers tab, add a key as follows.
      Setting Value
      Key Content-Type
      Key Value application/xml
    5. In the request pane at the top, send the following HTTP request.
      Setting Value
      HTTP request method Select POST.
      URL Enter https://gm_node1_fqdn/api/v1/node/services/http?action=apply_certificate&certificate_id=gm_vip_fqdn_certificate_ID

      After the Global Manager sends a response, a 200 OK status is displayed on the Body tab.

  5. Restart the first Global Manager node.
    1. Log in to vCenter Server.
    2. In the inventory expand vCenter Server > Datacenter > Cluster.
    3. Right-click the node and select Actions > Power > Restart guest OS.