You can generate a certificate signing request, get it signed by a CA, and import the signed SSL certificate into NSX Manager to authenticate the identity of the NSX Manager web service and encrypt information sent to the NSX Manager web server. As a security best practice, you should use the generate certificate option to generate a private key and public key, where the private key is saved to the NSX Manager.


Log in to the NSX Manager virtual appliance.


Under Appliance Management, click Manage Settings.


From the Settings panel, click SSL Certificate.


Under Generate Certificate Signing Request, complete the form by filling in the following fields:



Key Size

Select the key length used in the selected algorithm.

Common Name

Type the IP address or fully qualified domain name (FQDN) of the NSX Manager. VMware recommends that you enter the FQDN.

Organization Unit

Enter the department in your company that is ordering the certificate.

Organization Name

Enter the full legal name of your company.

City Name

Enter the full name of the city in which your company resides.

State Name

Enter the full name of the state in which your company resides.

Country Code

Enter the two-digit code that represents your country. For example, the United States is US.


Click OK.