• An expired CA-signed certificate with "Used by" count reading "1".
• The expired certificate is a MGMT_CLUSTER certificate.
• Node using this certificate is one of the MP cluster nodes.
• This node already does have a valid MGMT_CLUSTER certificate assigned. 

• VMware NSX
• VMware NSX-T Data Center

This issue may occur during certificate renewal in VMware NSX-T Data Center.

This certificate needs to be released from the node, please open a support case with Broadcom Support and refer to this KB article to have the certificate released.

For more information, see Creating and managing Broadcom support cases.