You can create, install, and manage self-signed server certificates.

Before you begin

Verify that you have a CA certificate so that you can sign your own certificates.

Procedure

  1. Log in to the vSphere Web Client.
  2. Click Networking & Security and then click NSX Edges.
  3. Double-click an NSX Edge.
  4. Click the Manage tab and then ensure that you are in the Settings tab.
  5. Click Certificates.
  6. Follow the steps below to generate a CSR.
    1. Click Actions and select Generate CSR.
    2. In Common name, type the IP address or fully qualified domain name (FQDN) of the NSX Manager.
    3. Type your organization name and unit.
    4. Type the locality, street, state, and country of your organization.
    5. Select the encryption algorithm for communication between the hosts.

      Note that SSL VPN-Plus only supports RSA certificates. VMware recommends RSA for backward compatibility.

    6. Edit the default key size if required.
    7. Type a description for the certificate.
    8. Click OK.

    The CSR is generated and displayed in the Certificates list.

  7. Verify that the certificate you generated is selected.
  8. Click Actions and select Self Sign Certificate.
  9. Type the number of days the self sign certificate is valid for.
  10. Click OK.