In an environment where two or more vCenter Servers are configured in Enhanced Linked Mode (ELM):

• After updating the certificate on vCenter A, logging into the vSphere Client for vCenter A displays both vCenter A and vCenter B.

• However, when logging into vCenter B, only vCenter B is visible — vCenter A does not appear.

• The vCenter B certificate has expired.

• The vmdir state on vCenter B is Read-Only.

• vCenter Server 7.0
• vCenter Server 8.0

When a vCenter Server certificate expires, several critical services may fail to start or become unstable.
This disruption can affect ELM communication between vCenters and lead to one or more nodes entering a vmdir read-only state.

In this state, the vmdir database becomes locked, preventing synchronization or certificate renewal across the ELM-linked vCenters.
As a result, any certificate update or replication process in ELM will fail.

This condition requires direct intervention from Broadcom (VMware) Support due to the dependency loop between expired certificates and the vmdir state.

Please contact the Broadcom VMware Cloud Foundation (VCF) Support team for assistance.

When opening a support case, include:

1. The current vmdir state output for each vCenter Server in ELM.

2. Details of the certificate expiration (expiration date, service certificate type).

3. Relevant log bundles from all ELM vCenters.

For more information, see:

Creating and Managing Broadcom Support Cases