When accessing the vCenter UI and selecting the Updates tab on a host or cluster, you may see an error like the one below:
When you run the command below in a vCenter SSH session logged in as root, the output shows that the Machine SSL certificate and/or other certificates have recently expired:
for store in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list | grep -v TRUSTED_ROOT_CRLS); do echo "[*] Store :" $store; /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $store --text | grep -ie "Alias" -ie "Not After";done;
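As an added example (not part of the original article or of the vendor's tooling), the function below reads the Store / Alias / Not After lines that the command above prints and labels each certificate EXPIRED, EXPIRING or OK. The name classify_certs, the 30-day warning window and the sample listing are assumptions made for illustration, and it relies on GNU date.

```shell
# Added example, not vendor code. Reads "[*] Store", "Alias" and "Not After"
# lines on stdin; prints STATUS<TAB>store<TAB>alias<TAB>expiry per certificate.
# Usage: classify_certs NOW_EPOCH WARN_DAYS < listing
classify_certs() (
    now=$1; warn=$(( $2 * 86400 )); store=""; alias_name=""
    # Strip leading whitespace (the "Not After" lines are indented).
    ltrim() { printf '%s' "${1#"${1%%[![:space:]]*}"}"; }
    while IFS= read -r line; do
        line=$(ltrim "$line")
        case "$line" in
            "[*] Store :"*) store=$(ltrim "${line#*:}") ;;
            Alias*:*)       alias_name=$(ltrim "${line#*:}") ;;
            "Not After"*:*)
                not_after=$(ltrim "${line#*:}")
                # GNU date parses the "Mon DD HH:MM:SS YYYY GMT" form.
                if ! exp=$(date -u -d "$not_after" +%s 2>/dev/null); then
                    status=UNPARSED      # never report an unreadable date as OK
                elif [ "$exp" -le "$now" ]; then
                    status=EXPIRED
                elif [ $(( exp - now )) -le "$warn" ]; then
                    status=EXPIRING
                else
                    status=OK
                fi
                printf '%s\t%s\t%s\t%s\n' "$status" "$store" "$alias_name" "$not_after"
                ;;
        esac
    done
)

# Constructed sample listing (not real output from any system).
SAMPLE_LISTING='[*] Store : MACHINE_SSL_CERT
Alias : __MACHINE_CERT
            Not After : May 20 08:15:42 2025 GMT
[*] Store : machine
Alias : machine
            Not After : Jun 20 08:15:42 2025 GMT
[*] Store : vsphere-webclient
Alias : vsphere-webclient
            Not After : May 20 08:15:42 2027 GMT'

# 1748736000 is 2025-06-01 00:00:00 UTC, fixed so the sample is reproducible.
printf '%s\n' "$SAMPLE_LISTING" | classify_certs 1748736000 30
```

On the appliance, pipe the output of the loop above into `classify_certs "$(date +%s)" 30` instead of the sample.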
vCenter Server 7.x
vCenter Server 8.x
The issue may be caused by an expired Machine SSL certificate. When this certificate expires, critical vCenter services stop functioning correctly, preventing the UI from retrieving data for the Lifecycle Manager and Update Manager components.
To replace the expired certificate, use one of the options below:
Option A (Certificate Manager): Use the certificate-manager utility and select Option 3 to replace the Machine SSL certificate. See the following article for steps: Using vSphere Certificate Manager to Replace SSL Certificates
Option B (vCert Script): If certificate-manager fails due to existing expirations, use the vCert tool to perform a scripted replacement. See the following article for steps: vCert - Scripted vCenter expired certificate replacement