After you deploy the NSX Manager appliance, replace the default certificate to establish a trusted connection with the management components in the SDDC. The certificate generated by the CertGenVVD utility is signed by a certificate authority (CA) on the parent Active Directory server.
Use the following files to replace the certificate on NSX Manager for the shared edge and compute cluster.
NSX Manager FQDN
- Log in to the Compute NSX Manager appliance user interface.
- Open a Web browser and go to https://sfo01w01nsx01.sfo01.rainpole.local.
- Log in using the following credentials.
- On the Home page, select Manage Appliance Settings.
- On the Manage tab, click SSL Certificates, click Upload PKCS#12 Keystore.
- Browse to the certificate chain file sfo01w01nsx01.4.p12, provide the keystore password or passphrase, and click Import.
- Restart the NSX Manager to propagate the CA-signed certificate.
- In the NSX Manager page, click the Settings icon.
- From the drop-down menu, select Reboot Appliance.
- Repeat Connect NSX Manager to vCenter Server in Region A procedure for the compute NSX Manager.
- Repeat Re-Join Secondary NSX Manager to Primary NSX Manager in Region A procedure for the compute NSX Manager with the following values.
Primary NSX Manager
New IP address/Hostname