Solution 1
Update Manager 5.0 introduces a new setting that verifies the SSL certificates during download. By default, this value is set to 1 or enabled.
To disable this behavior on vCenter 6.0 and lower:
- Click Start > Run, enter regedit, and click OK. The Registry Editor window opens.
- Navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\VMware, Inc.\VMware Update Manager key.
- Right-click the value of the SslVerifyDownloadCertificate key and click Modify.
- Change the Value data field value to 0.
- Click OK.
- Click Start > Run, enter services.msc, and click OK.
- Right-click VMware vSphere Update Manager Service and click Restart.
Solution 2
Trust the certificate for the site that is failing by installing it into the trusted certificate store for the local computer. You can also download and trust the CA certificates that were used in signing the site certificate into the local computer certificate store.
You may also want to update the root certificates on the Microsoft Windows operating system. For more information, see the
Microsoft Download Center.
Note: On vCenter 6.5/6.7 with a 64bit Update Manager, the registry path is HKEY_LOCAL_MACHINE>SOFTWARE>VMware, Inc.>VMware
You must download the corresponding version of root certificates for your operating system. For more information, see the Microsoft support documentation.
Note: The preceding link was correct as of November 12, 2015. If you find the link is broken, provide a feedback and a VMware employee will update the link.