[NSX-T 3.1] Export root ca certificate file of NSX-T manager

According to for VMware vCenter you can download all certificate files including root ca file as followed:

Note: Direct URL to download the Certificate is https://vCenter_FQDN/certs/ (Example -

How can I download / export all certificate on a NSX-T manager node?

0 Kudos
1 Reply

So under the hood of the nsx manager appliance it's all ubuntu, with the ca-certificates package installed.  Not saying this is what you are after, but I haven't been able to find a nice way of doing this yet.

On the appliance as root, you could run this -  openssl s_client -showcerts -verify 5 -connect nsxmgr:443 < /dev/null, the certs should be at the top of the list.  I think they may be the ones you need.  You could save them to a file.

Or GET https://nsxmgr/v1/trust-management/certificates/ may have the one you are after.


Again not too sure if this is what you are after, just something I have found.

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist
Twitter @ShankMohan
Author of NSX-T Logical Routing:
0 Kudos