Could not establish retrust due to: Retrust with xxxx.nsx.xxx.com failed, with error Failed to update the vCenter xxx.vc.xxxx.com, received error response 400 Bad Request:"{<EOL> "details": The time set on compute manager xxx.vc.xxx.com is ahead of the time set on NSX by 62 seconds.

VMware Cloud Foundation 4.x
VMware Cloud Foundation 5.x

The time set on compute manager xxx.vc.xxx.com is ahead of the time set on NSX reported number of seconds exceeding '60'.

The time difference on vCenter and NSX shouldn't be more than 60 seconds.

• Check the vCenter NTP settings from the vCenter Appliance Management, VAMI
• Verify the NTP server set on the NSX.

NSX->Fabric->Profiles->System->Node Profiles->All NSX Nodes->Overview->NTP Servers

• If no NTP servers exist, it takes the NTP directly from VCF. 
• Add the NTP server on VCF

Network Management->Network Settings->NTP Configuration->NTP servers->Edit

• Generate CSR's
• Get the certs signed and install them as per the normal process.

No restart required