• Users are unable to login to the vCenter Server.
• Verifying the certificate validity using the below command or using vCert - Scripted vCenter expired certificate replacement shows that the certificates are expired

 for store in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list | grep -v TRUSTED_ROOT_CRLS); do echo "[*] Store :" $store; /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $store --text | grep -ie "Alias" -ie "Not After";done;

• However, as per the expiration date of the certificate they are valid.
• The validity of the certificate shows a future data.
• Renewing the certificate does not resolve the issue.

7.x, 8.x

• This issue occurs when vCenter Server is synching with a rogue NTP server and the has an incorrect timestamp in the future beyond the SSL certificate expiry date.
• Verify the current timestamp of the vCenter Server using the "date" or "timedatectl status" command and confirm it is pointing to a future date.

• Fix the issue with the NTP server
• As a workaround, manually set the correct time using the command. This is not persistent across reboots. 
  
   "timedatectl set-time "<current timesamp>"