In this series, we are going to replace the self signed certificate with an enterprise CA cert.
Blog Series
- Installing NSX-V 6.4
- Configure Controller Nodes and enable CDO mode in NSX-V 6.4
- One Page View of all NSX-V commands
- Configure VXLAN and Prepare ESX hosts for VXLAN traffic
- Configure the Transport Zone and Logical Switches
- Configure Distributed Logical Router
- Configure Edge Services Router (ESG)
- Verifying VXLAN Connectivity
- Regenerate Self-signed Certificate on NSX-V
- DLR VM SSH Access
- Backup NSX-V Manager
- Dynamic routing with OSPF in DLR
- Dynamic routing with OSPF in ESG
- VMware NSX Edge Load Balancer
- VMware NSX Edge Load Balancer SSL Offloading
- NSX-V Firewall & Microsegmentation
- NSX-V Firewall Service Composer
This post assumes you have an Active directory CA installed and web enrollment working as we will need it to complete the exercise
Installing the Certificate on NSX-V
Go to NSX Edge – Configure – Certificates tab – CSR Actions to generate a certificate

Generate CSR

Double click the EGS-01 cert we generated

Copy the Cert request

Generating a certificate from Central CA dc.ash.local
Go to chrome browser and browse to your web enrollment page as shown
http://localhost/certsrv/
Click Request certificate

Copy the Cert Request entry we generated earlier and paste here and submit an advanced certificate request.

Click Download Certificate

Open the .cer file in notepad

Copy all the contents

Click Import Certificate on CSR Actions

Copy everything from our notepad in here and click OK

We have succesfully changed our certificate to our enterprise CA
