After generating a client certificate, you can distribute this certificate to your remote users, who can install the certificate on their web browser.

The main benefit of implementing client certificates is that the NSX Edge Load Balancer can ask the client for its client certificate, and validate it before forwarding its web requests to the backend servers. If a client certificate is revocated because it has been lost, or the client doesn't work in the company anymore, NSX Edge will validate the client certificate doesn't belong to the Certification Revocation List.

NSX Edge Client certificates are configured under Application Profile.

For more information on generating client certificates, refer to Scenario: SSL Client and Server Authentication.