Users may encounter issues with vSphere DRS functionality where:
- VMware vCenter Server 7.0 or later
- vSphere DRS-enabled clusters
- Environment using either VMCA-signed or custom certificates
This behavior can occur when either:
1. The vCenter Server's SSL certificates have expired
2. The Security Token Service (STS) signing certificate has expired
When these certificates expire, it can cause various services to fail, including DRS functionality. This may trigger alerts that incorrectly suggest the cluster is in "Retreat Mode" when the root cause is actually certificate expiration.
Follow these steps to resolve the issue: