Symptoms:

• When attempting to access Site Recovery via vSphere Replication, users may observe the following error message:"vSphere Replication - UI Error: Unknown error"

• Additionally, the "Open Site Recovery" option is greyed out in the vSphere Client.
• From the paired site, attempts to open the replication site reveal that the vCenter certificate has expired.

Other observations:

• vSphere Replication Appliance VAMI UI (e.g., https://replication01:5480) is accessible.
• DR site replication UI (https://replication01/dr) fails to load.

VMware vSphere Replication 9.x

The issue is caused by an expired SSL certificate on the vCenter Server, resulting in a trust mismatch between the vSphere Replication Management Server (VRMS) and vCenter.

Log analysis from the VRMS appliance (/opt/vmware/support/logs/dr/drconfig.log) shows SSL handshake failures due to certificate validation errors:

2025-06-04T10:29:51.311Z warning drconfig[00991] [SRM@6876 sub=IO.Connection opID=c7022e6f-4b1a-4f88-941a-5f767aaee0a6-probeSsl] Failed to SSL handshake; SSL(<io_obj p:0x00007fc714068da0, h:19, <TCP '10.#.#.36 : 54938'>, <TCP '10.#.#.183 : 443'>>), e: 167772294(ce
rtificate verify failed (SSL routines)), duration: 4msec
2025-06-04T10:29:51.311Z warning drconfig[00991] [SRM@6876 sub=ProbeSsl.Url.DrConfigSslCertificateManager opID=c7022e6f-4b1a-4f88-941a-5f767aaee0a6-probeSsl] SSL client handshake to '<vCenter FQDN>:443' failed.
--> N7Vmacore3Ssl18SSLVerifyExceptionE SSL Exception: Verification parameters:
--> PeerThumbprint: 8D:B6:8B:65:BA:E7:##:##:##:##:##:DB:74:24:AA:BB:DE:B6:85:64
--> ExpectedThumbprint:
--> ExpectedPeerName: <vCenter FQDN>
--> The remote host certificate has these problems:
-->
--> * certificate has expired

To resolve this -

• Renew the vCenter Server certificate to ensure a valid and trusted connection.
• Reconfigure the VRMS appliance to re-establish trust with the newly updated vCenter Server certificate.