• When checking ESXi logs /var/run/log/fdm.log you may see error similar to below example in relation certificates: 

Host name does not match the subject name(s) in certificate.

• When you navigate to ESXi -> Configure -> System -> Certificate, you see a blank page with no certificate information (Ensure you are logged in as SSO admin, to confirm not a permissions issue)

• vpxd.certmgmt advanced setting mode is set to "Thumbprint", to confirm navigate to below: 

Select vCenter object -> Configure -> Advanced Settings -> search for "vpxd.certmgmt.mode" 

vCenter Server 8.0 U3 

vCenter "vpxd.certmgmt.mode" advanced setting is set to "Thumbprint"

Note: Prior to completing any steps, ensure you have valid Snapshots (Offline snapshots of all vCenter nodes in Enhanced Linked Mode set up) completed, prior to making any changes

To resolve the issue, follow below steps: 

1. Navigate to below: 

Select vCenter object -> Configure -> Advanced Settings -> search for "vpxd.certmgmt.mode" 

2. If this is set to "Thumbprint", edit settings and change this to "vmca" and save the change (For more information on this, please refer to the following: Change the ESXi Certificate Mode)

3. Navigate to cluster, and disable HA on the cluster 

4. Either disconnect and reconnect ESXi to vCenter, or select to renew vmca certificate from the ESXi certificate settings (for more steps on this, please refer to the following: Renew or Refresh ESXi Certificates)

5. Once the above has been completed, confirm we can view the certificates at for the ESXi in the UI 

6 Enable HA for the cluster now

HA should now get configured without issue 

Please see following document for more information on certificates modes for ESXi: Managing Certificates for ESXi Hosts