You can create a self-signed certificate. However, using a self-signed certificate is less secure than using a trusted certificate.

When you use a self-signed certificate the client user receives a warning message such as, Invalid Security Certificate. The client user must then accept the self-signed certificate when first connecting to the server in order to proceed. Allowing client users to select this option provides reduced security than other authorization methods.


Verify that a CSR is available. See Create a Certificate Signing Request File.


  1. From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
  2. Select System > Certificates.
  3. Click the CSRs tab.
  4. Select a CSR.
  5. Select Actions > Self Sign Certificate for CSR.
  6. Enter the number of days the self-sign certificate is valid.
    The default is 825 days. Even if you change this value for previously generated self-signed certificate, the default value is displayed every time you generate a new certificate.
  7. Click Add.


The self-signed certificate appears in the Certificates tab.