If you need to replace a certificate, for example, if your certificate is expiring, you can make an API call to replace the existing certificate.

Prerequisites

Verify that a certificate is available in the NSX Manager. See Create a Self-Signed Certificate and Import a Certificate.

Procedure

  1. From your browser, log in with admin privileges to an NSX Manager at https://nsx-manager-ip-address.
  2. Select System > Trust from the navigation panel.
  3. Click the Certificates tab.
  4. Click on the ID of the certificate you want to use and copy the certificate ID from the pop-up window.
  5. Use the POST /api/v1/node/services/http?action=apply_certificate API call to replace the existing certificate. For example,
    POST https://<nsx-mgr>/api/v1/node/services/http?action=apply_certificate&certificate_id=e61c7537-3090-4149-b2b6-19915c20504f

    For more information, see the NSX-T API Reference.

Results

The API call restarts the HTTP service so that the service can begin using the new certificate. When the POST request succeeds, the response code is 200 Accepted.