When visiting the vSphere UI (http://example.com/ui) "500 Internal error" message is presented instead of the expected login screen with username and password. The logging for the vSphere UI will have the following error messages present:

vsphere_client_virgo.log

ApiGwServicePrincipal$ApiGwServicePrincipalTokenAcquisitionTask [] Failed to acquire an API GW service-principal token com.vmware.vcenter.apigw.api.sso.SsoDomainNotFoundException: Couldn't find any API GW registration on the local node. Can't determine the local domain.

474241:Caused by: com.vmware.vcenter.apigw.api.sso.SsoServiceException: Failed to refresh STS issuer certificates for domain vsphere.local(2b2d2780-11e5-11e4-888f-0050569552f4)

VMware vCenter Server

This is due to the vSphere web client service registration being associated with an old or unknown SSO domain 

Please use LSDoctor with the rebuild function (-r flag and option 2) in order to rebuild the service registrations on the correct SSO domain. After restarting services the logon screen will be present

Using the LSDOCTOR tool