Unable to access vCenter Server due to expired solution user certificates

Article ID: 421381

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • Running service-control --status --all shows a number of services in a stopped state,
    including vmware-certificatemanagement, vpxd, and vpxd-svcs

  • certificatemanagement-svcs.log shows that the certificate is expired:
    • Certificate with subject 'O=###,L=###,ST=###,C=##,cn=MACHINE- ######-######-######-######' in store MACHINE is valid until MM DD, YYYY
  • Output from the command

    for i in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list); do echo STORE $i; /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done

    confirms that the "Not After" date of the solution user certificates has passed in the following certificate stores:

    machine
    vsphere-client
    vpxd
    vpxd-extension
    hvc


  • Running the vCert tool with Option 1 - Check current certificate status also confirms that the Solution User certificates have expired.
    See KB 385107 (vCert - Scripted vCenter expired certificate replacement).
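
As an added example (not part of this KB article or of the vCert tool), the shell function below reads the STORE / Alias / Not After listing produced by the vecs-cli loop above and marks each entry EXPIRED or VALID against a reference time. The function names, the sample listing and its dates are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag expired entries in the STORE / Alias / Not After listing.
# On an appliance, pipe the vecs-cli loop from this article into vecs_expiry_report.

# vecs_expiry_report [NOW]
#   stdin : "STORE <name>", "Alias : <alias>", "Not After : Mon DD HH:MM:SS YYYY GMT"
#   NOW   : reference time as UTC YYYYMMDDHHMMSS (default: current time)
#   stdout: "<STATUS> <store> <alias> <YYYY-MM-DD>" for every certificate seen
vecs_expiry_report() {
    now="${1:-$(date -u +%Y%m%d%H%M%S)}"
    awk -v now="$now" '
        BEGIN {
            n = split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", m, " ")
            for (i = 1; i <= n; i++) mon[m[i]] = i
        }
        $1 == "STORE"   { store = $2; alias = "-"; next }
        $1 ~ /^Alias/   { alias = $NF; next }
        /Not After/ {
            # Keep only the timestamp: Mon DD HH:MM:SS YYYY GMT
            sub(/^.*Not After *: */, "")
            split($0, f, " "); split(f[3], t, ":")
            # Sortable UTC stamp, compared as a string against NOW
            stamp = sprintf("%04d%02d%02d%02d%02d%02d", f[4], mon[f[1]], f[2], t[1], t[2], t[3])
            status = ((stamp "") < (now "")) ? "EXPIRED" : "VALID"
            printf "%s %s %s %04d-%02d-%02d\n", status, store, alias, f[4], mon[f[1]], f[2]
        }'
}

# Constructed sample in the shape of the loop output (store names from this article).
sample_listing() {
    cat <<'EOF'
STORE machine
Alias : machine
            Not After : Mar  5 12:00:00 2025 GMT
STORE vpxd
Alias : vpxd
            Not After : Mar  5 12:00:01 2025 GMT
STORE hvc
Alias : hvc
            Not After : Jan 15 08:30:00 2027 GMT
EOF
}

# Evaluate the sample against a fixed reference time (1 June 2025, 00:00:00 UTC).
sample_listing | vecs_expiry_report 20250601000000
```

Run without an argument, the function compares against the current UTC time, so it can also be scheduled to report certificates before they expire.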

Environment

VMware vCenter Server 8.x

Cause

Expired Solution User certificates on the vCenter Server cause services to fail, and users cannot log in from the vSphere Web Client.

Resolution

To resolve the issue, renew the vCenter Server Solution User certificates using the vCert script with VMCA as the certificate authority. Follow the detailed steps outlined in the VMware KB article: KB 385107 (vCert - Scripted vCenter expired certificate replacement) 

1. Take a snapshot of the vCenter Server
2. Run the vCert tool
   - Select option 3 - Manage certificates
   - Select option 2 - Solution User certificates
   - Select option 1 - Replace with VMCA certificates
3. Restart services when prompted