Using self-signed certificates might be less secure than using trusted certificates.

When you use a self-signed certificate the client user receives a warning message such as, Invalid Security Certificate. The client user must then accept the self-signed certificate when first connecting to the server in order to proceed. Allowing client users to select this option provides reduced security than other authorization methods.


Verify that a CSR is available. See Create a Certificate Signing Request File.


  1. From your browser, log in with admin privileges to an NSX Manager at https://nsx-manager-ip-address.
  2. Select System > Trust from the navigation panel.
  3. Click the CSRS tab.
  4. Select the existing CSR.
  5. Click Actions and select Self Sign Certificate for CSR from the drop-down menu.
  6. Enter the number of days the self-sign certificate is valid.
    The default time frame is 10 years.
  7. Click Save.


The self-signed certificate appears in the Certificate list. The certificate type is designated as self-signed.