The simplest way for creating Secret is to use the kubectl command:

kubectl create ns nsx-system
kubectl create secret tls ${CERT_NAME} --key ${KEY_FILE} --cert ${CERT_FILE} -n nsx-system

You can also create secrets using the NCP YAML file by uncommenting the the example Secret sections in the file, and fill in the base64-encoded values of the certificate and key. Use the following commands to get the base64-encoded string from the certificate or key file:

cat cert_file.crt | base64 -w 0
cat key_file.crt | base64 -w 0