NSX 4 installation comes with an out-of-the-box self-signed SSL certificate. For security and compliance reasons, most customers want to replace the default self-signed certificates with CA-signed certificates. In this two-part blog post, I’ll explain how to prepare your certificate infrastructure, request the certificate, and finally replace the SSL certificate. There are some very useful guides, like this one from VMware, but I will explain the whole certificate replacement process in the following blog posts.