Starting with NSX version 4.1, many more certificates are visible in NSX. Those certificates have always been present on the platform, even in previous versions, but it was impossible to lifecycle them. This document will help the reader understand the purpose of all the certificates part of the NSX platform. It will provide examples covering common certificate-related tasks an NSX administrator may tackle while administering NSX.
To make these examples reproducible, they are presented in the form of bash scripts. We opted to use bash for maximum portability. The scripts mainly use curl to perform API calls to the NSX API and use the jq to process the returned JSON data structures. You must install jq on your system to run the sample scripts. You can use your system package manager (i.e., apt or homebrew)
The scripts are provided for educational purposes only. You should perform your validations before leveraging them on production systems.
The current doc applies to NSX version 4.1.1 and later
Note: copy and paste from the PDF doc will lead to formatting errors. All the scripts are available on GitHub for easy copy and paste: https://github.com/vmware-nsx/nsx_certificates_cookbook
Author: NSX Product Team