When user changes the TLS certificate of a PostgreSQL cluster, in rare occasions the cluster status remains InProgress and database service becomes inaccessible.
Same might be triggered when user modifies DNS names while using DSM-managed certificates.

This state is permanent and remediation requires manual intervention.

DSM version 9.0.0 and below

When user changes the TLS certificate of PostgreSQL cluster, not all data pods receive the new one on time.

Postgres service is then brought down for safety reasons.

The same can be caused by DNS name change when using DSM-managed certificates. This effectively causes certificate rotation.

This has been addressed in DSM 9.0.1

If you encounter this issue please contact VMware support for assistance