NSX Edge supports self-signed certificates, certificates signed by a Certification Authority (CA), and certificates generated and signed by a CA. Configure a CA Signed CertificateYou can generate a certificate signing request (CSR) and get it signed by a certification authority (CA). If you generate a CSR at the global level, it is available to all NSX Edges in your inventory. Add a CA CertificateBy adding a CA certificate, you can become an interim CA for your company. You then have the authority for signing your own certificates. Add a Server CertificateTo add a server certificate, you paste the contents of the PEM certificate file and the private key contents of the server. Add a Chained Certificate To add a server certificate that is chained with the intermediary and root CA certificates, you require a server certificate (PEM file), a private key for the server, an intermediate and a root certificate. Configure a Self-Signed CertificateYou can create, install, and manage self-signed server certificates. Using Client CertificatesAfter generating a client certificate, you can distribute this certificate to your remote users, who can install the certificate on their web browser. Add a Certificate Revocation ListA Certificate Revocation List (CRL) is a list of subscribers and their status, which is provided and signed by Microsoft. Parent topic: NSX Edge Configuration
