NSX, vCloud, VMware

NSX Edge vs vShield Edge: Part 4 – Generating Self Signed SSL Certificates

Overview:

With the VSE and NSX Edges there are a number of features that can take advantage of Certificate services both as authentication mechanisms and for more traditional SSL Server Certificate termination. In both the VSE and NSX Edges you have the ability to Generate or Import a certificate with the following being a quick overview of how to generate a self signed certificate which can then be used for Edge services. In this post I am only going to go through the Web Client setup and not list the API commands as with other posts in this series…there is no vCloud Director UI to configure certificates.

Configuring Self Signed SSL Certificate From Web Client:

Double Click on the Edge under the NSX Edge Menu Option in Networking and Security, Select the Manage Tab and Click on the Certificates Option in the Menu. Click on Actions and Generate CSR.

NSX_R3_CERT_1

The following entries are required to create the request:

NSX_R3_CERT_2

Once completed the CSR will be shown in the PEM Encoding Box. This needs to be copied to complete the request if the CSR is to be completed externally.

NSX_R3_CERT_3

Select the Certificate in the Main Window and drop down the Actions item and choose Self Sign Certificate.

NSX_R3_CERT_4

Enter in the days required (generally this should be between 1-3 years)

NSX_R3_CERT_5

Once completed you will see a new SSL Cert appear in the Certificates main window which is of Type Self Signed

NSX_R3_CERT_6

NSX_R3_CERT_7

The SSL Certificate can now be used for EDGE Services.

Further Reading:

http://pubs.vmware.com/NSX-61/topic/com.vmware.ICbase/PDF/nsx_61_api.pdf 

Leave a Reply

Your email address will not be published. Required fields are marked *

WordPress Appliance - Powered by TurnKey Linux