You can import an encrypted private key to install an SSL certificate on NSX Advanced Load Balancer. Password associated with an encrypted private key can be provided using the Key Passphrase option, available in the NSX Advanced Load Balancer UI while creating an SSL certificate. NSX Advanced Load Balancer uses the provided passphrase to decrypt the private key while installing the SSL certificate.

The steps to validate the Key Passphrase provided during the SSL certificate creation are as follows:


  1. Navigate to Templates > Security > SSL /TLS Certificates.
  2. Click Create and choose Application Certificate or Controller Certificate according to the requirement.
  3. From the Type drop-down menu, select Import.
  4. Paste the key text in the Upload or Paste Key (PEM) or PKCS12 File text box.

  5. Enter the password in the Key Passphrase.
  6. Click Validate to get the password validated by NSX Advanced Load Balancer.

Example: Sample Encrypted and Decrypted SSL key

Below is an example of an encrypted SSL key.


A decrypted SSL key file starts with BEGIN PRIVATE KEY as follows.