This KB gives detailed procedure to renew the self signed certificates of the vCenter using Open SSL via SDDC manager.

VMware Cloud Foundation 5.x

1.In the navigation pane, click InventoryWorkload Domains.
2.On the Workload Domains page, from the table, in the domain column click the workload domain you want to view.
3.On the domain summary page, click the Certificates tab.
4.Generate CSR files for the target components.
5.From the table, select the check box for the resource type for which you want to generate a CSR.
6.Click Generate CSRs.
7.The Generate CSRs wizard opens.
8.On the Details dialog, configure the settings and click Next.
9.On the Summary dialog, click Generate CSRs.
10.Generate signed certificates for each component.
11.From the table, select the check box for the resource type for which you want to generate a signed certificate.
12.Click Generate Signed Certificates.
13.In the Generate Certificates dialog box, from the Select Certificate Authority drop-down menu, select OpenSSL.
14.Click Generate Certificates.
15.Install the generated signed certificates for each component.
16.From the table, select the check box for the resource type for which you want to install a signed certificate.
17.Click Install Certificates.