If you used another tool, such as OpenSSL, to obtain the NSX Manager certificate, make sure the certificate and private key are in the PKCS#12 format. If your NSX Manager certificate and private key are not in PKCS#12 format, you must convert them before you can import them into NSX Manager.


Verify that OpenSSL is installed on the system. You can download openssl from http://www.openssl.org.


After receiving the signed certificate from the authorized signer, use OpenSSL to generate a PKCS#12 (.pfx or .p12) keystore file from the certificate file and your private key.

For example:

openssl pkcs12 -export -out server.p12 -inkey server.key -in server.crt -certfile CACert.crt

In this example, CACert.crt is the name of the root certificate that was returned by the certificate authority.

What to do next

Import the signed SSL certificate into NSX Manager.