After the Cloud Foundation on VxRail deployment, you can perform certificate management from SDDC Manager. It is considered best practice to replace all of the self-signed certificates upon completion of VMware Cloud Foundation management domain deployment. Certificate management is supported for:
SDDC Manager supports integrating a certificate authority into the Cloud Foundation on VxRail instance. With this level of integration, a signed certificate for a management component can be requested, and a certificate can be auto-generated for that component from the integrated certificate authority.
If you do not want to integrate a certificate authority with the Cloud Foundation on VxRail instance, another option is to upload certificates from another external certificate authority. To integrate a certificate authority with Cloud Foundation on VxRail, the following information is needed for either a Microsoft or OpenSSL certificate authority: