Replace the default certificate to establish a trusted connection with the management components in the SDDC. You replace the existing certificates by using the REST API of the NSX-T Global Manager. To replace the certificate for an NSX-T Global Manager node, you import the certificates from the NSX-T Global Manager user interface and replace the existing certificates by using a REST API client.

Procedure

  1. In a Web browser, log in to the first NSX-T Global Manager node for the workload domain in Region B by using the user interface.
    Setting Value
    URL lax-w01-nsxgm01a.lax.rainpole.io
    User name admin
    Password nsx_t_admin_password
  2. Retrieve the ID of the certificate.
    1. On the main navigation bar, click System.
    2. In the navigation pane, select Certificates.
    3. Click the ID value of the lax-w01-nsx-gm01 certificate, copy it from the text box, and save it to use it later.
  3. Log in to the host that has access to your data center.
  4. Replace the default certificate on the NSX-T Manager appliance with the CA-signed certificate.
    1. Start the Postman application in your Web browser and log in.
    2. On the Authorization tab, enter the following settings and click Update request.

      Setting

      Value

      Type

      Basic Auth

      User name

      admin

      Password

      nsxt_admin_password

    3. On the Headers tab, add a key by using the following details.

      Setting

      Value

      Key

      Content-Type

      Key Value

      application/xml

    4. In the request pane at the top, send the following HTTP request.

      Setting

      Value

      HTTP request method

      POST

      URL

      https://lax-w01-nsx-gm01a.lax.rainpole.io/api/v1/node/services/http?action=apply_certificate&certificate_id=lax-w01-nsx-gm01_certificate_ID

      After the NSX-T Global Manager sends a response back, on the Body tab, you see a 202 Accepted status.

  5. In a Web browser, log in to the management domain vCenter Server in Region B by using the vSphere Client.
    Settings Value
    URL https://lax-m01-vc01.lax.rainpole.io/ui
    User name administrator@vsphere.local
    Password vsphere_admin_password
  6. Restart the NSX-T Manager appliance.
    1. In the VMs and templates inventory, expand the lax-m01-vc01.lax.rainpole.io tree and expand the lax-m01-dc01 data center. tree.
    2. Expand the lax-m01-fd-nsx folder.
    3. Right-click the lax-w01-nsx-gm01a virtual machine, and select Power > Restart guest OS.