When trying a manual sync on subscriber content library vCenter, it fails with an SSL certificate issue.

In the cls.log of the subscriber content library, the following is observed:

cls.log

2025-01-14T22:09:50.036+11:00 | ERROR    | m4d2z244-871055-auto-io40-h5:70154729-f8 | cls-simple-activity-1     | SimpleActivityWorker           | Exception will not be handled by activity SyncLibraryActivity (handle=4****a-b*****5-8e0c-******0, entityId=********4-******45-***f6-*******cdb): InternalServerError (com.vmware.vapi.std.errors.internal_server_error) => {
    messages = [LocalizableMessage (com.vmware.vapi.std.localizable_message) => {
    id = com.vmware.vdcs.cls-main.http_request_error_peer_not_authenticated,
    defaultMessage = HTTP request error: cannot authenticate SSL certificate for host vcenter_fqdn.net.,
    args = [vcenter_fqdn.net],
    params = <null>,
    localized = <null>
}],
    data = <null>,
    errorType = INTERNAL_SERVER_ERROR

VMware vCenter Server 7.0.x
VMware vCenter Server 8.0
VMware vCenter Server 6.x

The Subscriber content library vCenter was not able to trust the certificate of the Publisher content library vCenter.

1. Download the root.cer and intermediate.cer from (if any) from the Publisher content library vCenter by using the export option seen below. Ensure that all certs are exported in base 64 format.

2. Create a chain on the certificates downloaded from step 1 and add it to the trusted root store of the subscriber content library vCenter. Use a text editor to arrange the chain, with the intermediates (if any) on top in order of signing, and the root cert at the bottom. Then add the cert chain to trusted roots under Certificate Management as indicated below: