You can create secrets to store NSX client certificate and key or load balancer certificate and key.

The simplest way for creating Secret is to use the kubectl command:
kubectl create ns nsx-system
kubectl create secret tls ${CERT_NAME} --key ${KEY_FILE} --cert ${CERT_FILE} -n nsx-system
You can also create secrets using the NCP YAML file by uncommenting the the example Secret sections in the file, and fill in the base64-encoded values of the certificate and key. Use the following commands to get the base64-encoded string from the certificate or key file:
cat cert_file.crt | base64 -w 0
cat key_file.crt | base64 -w 0