Machine SSL certificate cannot be replaced with message "Machine SSL Certificates are managed by SDDC Manager".

Article ID: 417259

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • Certificate management in the vSphere Client does not show the Machine SSL certificate, and the option to generate or install a certificate is greyed out.
  • An informative message is shown for the Machine SSL certificate: "Machine SSL Certificates are managed by SDDC Manager".

  • The vCenter Server is a member of an SSO domain where other vCenter Servers are already registered and managed by the SDDC Manager. However, the affected vCenter Server is not managed by the SDDC Manager.

Environment

  • VCF 5.x

Cause

  • This behavior is expected due to the SDDC Manager's role in centralized lifecycle management within a VMware Cloud Foundation (VCF) environment, which includes control over certificate management for the associated vSphere Single Sign-On (SSO) domain.

Resolution

  1. If the vCenter Server in question is managed by SDDC Manager, use SDDC Manager to renew the vCenter Server certificates.

  2. If the vCenter Server is not managed by SDDC Manager but is a member of an SSO domain where other vCenter Servers are already registered and managed by SDDC Manager, remove the vCenter Server from Enhanced Linked Mode by performing a domain repoint.

For the steps to remove the vCenter Server from Enhanced Linked Mode by repointing its node from the shared SSO domain to its own standalone domain, follow the KB: Splitting Enhanced Linked Mode (ELM).