When attempting to replace or renew certificates for an ESXi host or other VCF component using a configured Microsoft Certificate Authority (CA) server in the VCF Operations UI (Fleet Management > Certificates page), the process fails. You observe the following errors:

• Certificate replacement for appliance #.#.# has failed. This is a task for REPLACE_CERTIFICATE of an appliance #.#.#.

• Certificate replacement for appliance #.#.# has failed. 500: "500 Internal Server Error:"<!DOCTYPE html PUBLIC>"-...There is a problem with the resource you are looking for, and it cannot be displayed....

This prevents the replacement of default, self-signed certificates.

VCF Operations 9.0.1

The CA Server URL entered during the Configure a Certificate Authority process is incorrect or uses a format that the VCF component cannot resolve or communicate with.

1. Review the existing Certificate Authority configuration for VCF and ensure the **CA Server URL** is correctly entered.

2. Refer to the official product documentation for the correct format: Configure a Certificate Authority for VMware Cloud Foundation.

3. Update the CA Server URL if it is incorrect and save the configuration.

4. Attempt the certificate replacement again.