When replacing a certificate in the vCenter via the CLI Certificate Manager tool or the vCert tool you are met with error code 70063. 

vCenter Server 8.x

An invalid certificate chain exists. Likely an incorrect intermediate certificate.

This can be confirmed by inspecting each certificate's Authority ID and Subject Key ID (or SKID). The top cert's SKID should be the intermediate cert's Authority ID. This same logic applies all the way down the cert chain. If there is a mismatch anywhere, that means an incorrect certificate resides within the chain. 

Contact your CA to generate a valid certificate chain.