• vCenter Server Appliance (VCSA) network interface utilization spikes to 100% and remains saturated.
• The issue occurs immediately following the replacement of expired SSL certificates.

vCenter Servers configured in Enhanced Linked Mode (ELM)

The certificate replacement process may have resulted in Duplicate Service Endpoints within the Lookup Service.
When certificates are replaced in an ELM environment, old service registrations may not be removed correctly. The presence of these duplicate endpoints forces the vCenter Directory Service (vmdir) and vCenter Server service (vpxd) into a continuous replication and synchronization loop as they attempt to reconcile the conflicting registrations. This rapid-fire communication floods the network interface, leading to resource saturation.

To resolve this issue, you must identify and remove the duplicate service endpoints using the lsdoctor utility.

Follow the instructions in Using the 'lsdoctor' Tool to download and transfer the tool to the affected vCenter Server.

Then, if the tool's output is similar to the message below, see vCenter has duplicate endpoints to clear them up.

YYYY-MM-DDTHH:MM:SS ERROR generateReport: <site>\<vCenter_FQDN> (VC 7.0 or CGW) found Duplicates Found: Ignore if this is the PSC HA VIP.  Otherwise, you must unregister the extra endpoints.