When attempting to patch ESXi hosts using vSphere Lifecycle Manager (single image mode), the remediation process fails.

The vSphere Client UI displays a validation error similar to the following: VIB VMware_bootbank_loadesx_8.0.3-0.95.25205845 contains an invalid or corrupted signature.

Additionally, the vSphere Lifecycle Manager UI may report an inaccurate or historical timestamp (e.g., the year 1998) for the last compliance check.

• VMware ESXi 8.0.x

• vSphere Lifecycle Manager (vLCM)

This issue occurs due to severe time skew on the affected ESXi hosts. If the hosts are configured with incorrect or unreachable NTP servers, the system time may fall significantly out of sync (e.g., reverting to a past year like 1998).

During remediation, the host evaluates the digital certificate of the VIB payload. Because the host's system time falls outside the valid date range of the VIB's digital signature, the cryptographic validation fails, halting the patching process.

To resolve this issue, synchronize the ESXi host time with a valid time source:

1. Log in to the vSphere Client or directly to the affected ESXi host.

2. Navigate to the time configuration settings for the host.

3. Update the NTP server configuration to point to valid, reachable time sources.

4. Restart the NTP service on the host to force immediate time synchronization.

5. Verify that the host's system date and time are now correct.

6. Return to vSphere Lifecycle Manager, re-run the cluster compliance check, and proceed with remediating the hosts.