• NSX Edge is in a Failed state when checking the NSX UI
• Running "get controllers" from the NSX Edge CLI shows the status Failure Reason as: HOST_REJECTED_CONTROLLER_CERT
  edge-name> get controllers
Tue Nov 04 2025 UTC 14:11:25.634
 Controller IP       Port     SSL       Status       Is Physical Master   Session State  Controller FODN             Failure Reason   
  ##.###.##.##    1235   enabled    disconnected           true              down              NA           HOST_REJECTED_CONTROLLER_CERT
  ##.###.##.##    1235   enabled      not used            false              null              NA                         NA
  ##.###.##.##    1235   enabled      not used            false              null              NA                         NA
• Checking /var/log/syslog on the Edge you may see a certificate error such as the following:
  2025-11-04T12:08:06.588Z edge-name NSX 4859 - [nsx@6876 comp="nsx-edge" subcomp="nsx-proxy" s2comp="nsx-net" tid="6354" level="ERROR" errorCode="NET1111"] Certificate validation failed: 9-certificate is not yet valid#012Certificate:#012    Data:#012        Version: 3 (0x2)#012        Serial Number:#012            ##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:###012        Signature Algorithm: sha256WithRSAEncryption#012        Issuer: C=US; ST=California; L=Palo Alto; O=VMware, Inc.; [email protected]; CN=VMware-NSX-ApplProxyHub-CCP; UID=<UUID>#012        Validity#012            Not Before: Nov  04 16:31:51 2025 GMT#012            Not After : Nov 04 16:31:51 2035 GMT#012

NSX 4.x

NSX Edge system clock is out of sync

• Ensure NTP is configured and restart services. See the following document for details:
  Configuring NTP on Appliances and Transport Nodes