• Renewed ESXi host certificates using KB vCert - Scripted vCenter Expired Certificate Replacement
• Hosts now displaying ESXi Host Certificate Status alerts 
• ESXi Host Certificate Status alert has old timestamp

7.x, 8.x

The hosts have not been rebooted after having their certificates replaced.

If the certificates are not renewed via the UI, the hosts must be manually re-connected to vCenter to update the database. Otherwise, older alerts that have been Acknowledged may reappear/regenerate, since the alerts were never purged from the vCenter database.

Reboot hosts.

See How to Reboot or Shut Down Your ESXi Host

See vCert - Scripted vCenter Expired Certificate Replacement, under ESXi certificate operations section:

• The services on the host will need to be restarted for the new certificate and key to be applied.
• The host will need to be Disconnected and Re-connected in vCenter to update the vCenter database with the new certificate information.