You can import a signed certificate of NSX-T Data Center generated CSR. This page provides the step to import a signed certificate of NSX generated CSR.

A self-signed certificate acts as a certificate as well as CA. It is not required to be signed from any external CA, whereas CSR is a certificate signing request that cannot act as CA and must be signed by external CA. Note that a self-signed certificate is not supporetd for LB.

When you use a self-signed certificate the client user receives a warning message such as, Invalid Security Certificate. The client user must then accept the self-signed certificate when first connecting to the server in order to proceed. Allowing client users to select this option provides reduced security than other authorization methods.



  1. From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
  2. Select System > Certificates.
  3. Click the CSRs tab.
  4. Select a CSR.
  5. Select Actions > Import Certificate for CSR.
  6. Browse to the signed certificate file on your computer and add the file.
  7. Click Add.


The self-signed certificate appears in the Certificates tab.