Symptoms:
When you use the vSphere Client to run [Renew] operation for Machine SSL Certificate, restart services, then connect to the vCenter Server again, your Web browser displays a message similar to:
Clearing the browser cache or cookie does not resolve the issue.
When you use Certificate Manager Option 3 (KB How to use vSphere Certificate Manager to Replace SSL Certificates), you do not hit the issue.
Follow the steps from the section: "Active Directory Group Policy Update in Deployments with VMCA as an Intermediate Certificate Authority: in the Knowledgebase Article Download and install vCenter Server root certificates to avoid web browser certificate warnings.
That section will add the VMCA intermediate certificate into Intermediate Certification Authorities of the client machines.