If a certificate on any VCF Management Component is updated twice, whether through its native UI, API, or CLI, the trust cannot be established between the component and VCF Operations fleet management.

Non-Disruptive Certificate (NDC) flow supports only a single direct certificate update on the component

We have to manual establish the trust on VCF Operations fleet management by triggering this API.

curl --location --request POST 'https://<lcm-fqdn>/lcm/certificate-management/api/certificate-trust?endpoint=<endpoint to be trusted>' \
--header 'Authorization: Basic <basic-auth>'

endpoint to be trusted is the component URL where the certificate has been changed more than once.