You can configure self-signed service certificates with your edge gateways, to use in their VPN-related capabilities. If the edge gateway for your vCloud Director organization virtual data center has been converted to an advanced edge gateway, you can use the Certificates screen in the vCloud Director tenant portal to create, install, and manage self-signed certificates.

If the service certificate is available on the Certificates screen, you can specify that service certificate when you configure the VPN-related settings of the edge gateway. The VPN presents the specified service certificate to the clients accessing the VPN.


Verify that at least one CSR is available on the Certificates screen of the tenant portal when you open the tenant portal for the edge gateway. See Generate a Certificate Signing Request for an Edge Gateway.


  1. Open Edge Gateway Services.
    1. Navigate to Networking > Edges.
    2. Select the edge gateway to edit, and click Configure Services.
  2. Click the Certificates tab.
  3. Select the CSR in the list that you want to use for this self-signed certificate and click Self-sign CSR.
  4. Type the number of days that the self-signed certificate is valid for.
  5. Click Keep.

    The system generates the self-signed certificate and adds a new entry with type Service Certificate to the on-screen list.


The self-signed certificate is available on the edge gateway. In the on-screen list, when you select an entry with type Service Certificate, its details are displayed in the screen.