vCenter upgrade from 7.x to 8.x failed during wcp firstboot with error "Error 90023: VC supports only SHA-2 RSA signature algorithms"
Article ID: 424699

Updated On:

Products

VMware vCenter Server

Issue/Introduction

vCenter is upgraded from 7.x to 8.x.

vCenter is using custom certificates with an unsupported signature algorithm such as ecdsa-with-SHA256.

wcp-firstboot.py_15010_stderr.log

YYYY-MM-DDTHH:MM:SS.###Z  Invoked command: ['/usr/lib/vmware-vmafd/bin/vecs-cli', 'entry', 'create', '--store', 'wcp', '--alias', 'wcp', '--cert', '/tmp/wcp_izgaakqr.crt', '--key', '/tmp/wcp_m1b6iwwu.priv']
YYYY-MM-DDTHH:MM:SS.###Z  RC = 167
Stdout =
Stderr = vecs-cli failed. Error 90023: VC supports only SHA-2 RSA signature algorithms

YYYY-MM-DDTHH:MM:SS.###Z  WCP firstboot failed

Environment

vCenter server

 

Cause

The issue arises when custom certificates signed with an unsupported signature algorithm, such as ecdsa-with-SHA256, are used for the Machine SSL certificate and the Solution Users. vecs-cli rejects such a certificate at import, which is why the wcp store entry cannot be created (RC = 167, Error 90023) and the wcp firstboot fails.

vSphere currently restricts server authentication to RSA certificates and does not support generating ECDSA certificates.

The following signature algorithms are not supported: md2WithRSAEncryption, md5WithRSAEncryption, RSASSA-PSS, dsaWithSHA1, ecdsa-with-SHA1, the ecdsa-with-SHA2 family (for example ecdsa-with-SHA256) and sha1WithRSAEncryption. Only SHA-2 RSA signature algorithms (for example sha256WithRSAEncryption) are accepted.
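The following script is an added example for checking certificates before the upgrade; it is not VMware code and not part of this article. It decodes an X.509 certificate (PEM or DER) with a minimal ASN.1 reader, extracts the OID from the certificate's signatureAlgorithm field (the field the algorithm names above refer to, i.e. the algorithm the issuing CA used to sign the certificate) and reports whether it is one of the SHA-2 RSA algorithms vecs-cli accepts. The OID-to-name tables, the function names and the constructed_certificate helper (which builds a Certificate-shaped DER around a dummy tbsCertificate and is not a real certificate) are this example's own assumptions.

```python
# Added example (not VMware code): report whether a certificate's
# signatureAlgorithm is one of the SHA-2 RSA algorithms vecs-cli accepts.
import base64
import re
import sys

# Accepted: SHA-2 with RSA PKCS#1 v1.5 (OpenSSL names).
SUPPORTED = {
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
    "1.2.840.113549.1.1.12": "sha384WithRSAEncryption",
    "1.2.840.113549.1.1.13": "sha512WithRSAEncryption",
}
# The KB's rejected list, named for a readable report; any OID not in
# SUPPORTED is rejected whether or not it appears here.
UNSUPPORTED = {
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.10": "RSASSA-PSS",
    "1.2.840.10040.4.3": "dsaWithSHA1",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
    "1.2.840.10045.4.3.2": "ecdsa-with-SHA256",
    "1.2.840.10045.4.3.3": "ecdsa-with-SHA384",
    "1.2.840.10045.4.3.4": "ecdsa-with-SHA512",
}

def _read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at buf[pos]."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def _decode_oid(raw):
    """Decode OBJECT IDENTIFIER content bytes into dotted form."""
    arcs, value = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                   # last byte of this base-128 arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def load_der(data):
    """Accept PEM (str or bytes) or raw DER bytes; return DER bytes."""
    if isinstance(data, str):
        data = data.encode("ascii")
    m = re.search(rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", data, re.S)
    return base64.b64decode(b"".join(m.group(1).split())) if m else bytes(data)

def signature_algorithm_oid(der):
    """OID from Certificate.signatureAlgorithm (RFC 5280), i.e. the CA's signing algorithm."""
    tag, tbs_start, _ = _read_tlv(der, 0)            # Certificate ::= SEQUENCE
    _, _, tbs_end = _read_tlv(der, tbs_start)        # skip tbsCertificate
    alg_tag, alg_start, _ = _read_tlv(der, tbs_end)  # signatureAlgorithm ::= SEQUENCE
    oid_tag, oid_start, oid_end = _read_tlv(der, alg_start)
    if (tag, alg_tag, oid_tag) != (0x30, 0x30, 0x06):
        raise ValueError("input is not a DER X.509 Certificate")
    return _decode_oid(der[oid_start:oid_end])

def check_certificate(data):
    """Return (accepted, algorithm name or dotted OID) for a PEM/DER certificate."""
    oid = signature_algorithm_oid(load_der(data))
    if oid in SUPPORTED:
        return True, SUPPORTED[oid]
    return False, UNSUPPORTED.get(oid, oid)

def _der(tag, content):
    """Encode one DER TLV, using the long length form when needed."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content

def _encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        while a >> 7:
            a >>= 7
            chunk.append(0x80 | (a & 0x7F))
        out += bytes(reversed(chunk))
    return bytes(out)

def constructed_certificate(sig_oid):
    """Constructed sample, not a real certificate: a Certificate-shaped DER with
    a dummy tbsCertificate. Only the outer layout and the signatureAlgorithm
    field are realistic, which is all the check reads. The 200-byte filler
    forces the long length form real certificates use."""
    tbs = _der(0x30, _der(0x02, b"\x01") + _der(0x04, b"\x00" * 200))
    alg = _der(0x30, _der(0x06, _encode_oid(sig_oid)))
    sig = _der(0x03, b"\x00" * 5)                    # BIT STRING, 0 unused bits
    return _der(0x30, tbs + alg + sig)

def to_pem(der):
    return "-----BEGIN CERTIFICATE-----\n%s-----END CERTIFICATE-----\n" % base64.encodebytes(der).decode()

if __name__ == "__main__":  # pipe a PEM (e.g. from vecs-cli) on stdin
    ok, name = check_certificate(sys.stdin.buffer.read())
    print("OK" if ok else "UNSUPPORTED", name)
    sys.exit(0 if ok else 1)
```

On the appliance the PEM can be fed straight from VECS, for instance `/usr/lib/vmware-vmafd/bin/vecs-cli entry getcert --store MACHINE_SSL_CERT --alias __MACHINE_CERT | python3 check_sigalg.py` (the script name is an assumption), and the same can be repeated for each Solution User store; a non-zero exit marks a certificate that has to be replaced before retrying the upgrade. Because the check reads the signature algorithm and not the key type, an RSA-keyed certificate issued by a CA that signs with ECDSA or RSASSA-PSS is reported as unsupported too.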

Resolution

The vCenter certificates must be reset to the default VMware certificates or replaced with RSA certificates signed with a SHA-2 algorithm (for example sha256WithRSAEncryption). Only RSA certificates are supported for both the Machine SSL certificate and the Solution Users on vCenter Server.

Additional Information

Importing custom SSL certificates into vCenter fails with an error "Certificate uses unsupported signature algorithm - ecdsa-with-SHA256"

vSphere Certificate Requirements for Different Solution Paths