Upon Aria Operations for Logs deployment, SDDC Manager deploys a dedicated agent so SDDC Manager can upload its logs to that Aria Operations for Logs instance. The agent is preconfigured (in SDDC Manager codebase) to use non-ssl communication.

VCF 4.x
VCF 5.x

This is by design.

 To enable SSL communication between the preinstalled Aria Operations for Logs (a.k.a. vRealize Log Insight) agent and the Logs product instance in the VCF enabled environment please follow this steps:

1. Enable "Secure Communication (SSL)" toggle in the Aria Lifecycle Manager UI Settings/Logs section by navigating tohttps://{URL}/lcm/lcops/settings/logs)
2. Stop agent
3. Review the Configure Agent SSL parameter guide and generate a proper certificate dedicated for the Aria Operations for Logs instance and set it in the ssl_ca_path property in the liagent.ini (i.e. ./var/lib/loginsight-agent/liagent.ini)
4. Turn on ssl config in liagent.ini, see here for details.