This issue occurs when the host has problems with the certificate.
Resolution
To resolve this issue, you must recreate the host certificates.
To recreate the host certificates:
Log in to the affected ESXi/ESX host.
Navigate to the location where the certificate files are stored using this command:
cd /etc/vmware/ssl
Verify if the certificate files are available using the command:
/etc/vmware/ssl # ls
You see an output similar to:
rui.crt rui.key
Move these file to a temporary directory using these command:
Note: Ensure that these files are moved by re-running the ls command.
mv rui.crt /tmp
mv rui.key /tmp
Recreate the SSL certificate for the host using one of these commands:
/sbin/generate-certificates
or depending on the ESX/ESXi version, the command may be:
/sbin/generate-certificates.sh
Note: Restarting the management services does not recreate the SSL certificates. You must run the generate-certificates script. On ESXi 5.5 you may receive the following error:
WARNING: can't open config file: /usr/ssl/openssl.cnf
or
WARNING: can't open config file: /etc/pki/tls/openssl.cnf
These messages can be safely ignored as the new certificate is generated successfully.
Run this command to verify if the files are created:
/etc/vmware/ssl # ls
You see an output similar to:
rui.crt rui.key
Disconnect the host from vCenter Server and then remove it from the Inventory.
Note: Ensure that EVC is not enabled before removing the host. If EVC is enabled, the host will require downtime.