Our certificate for our VCSA appliance showed as revoked (expired) and would not allow access to manage the vSPhere environment via web browser (at least in Firefox).  Using Chrome, I was able to use the HTML5 version to get in, and was also able to get into the GUI manager for the PSC where you can manage the certificates.  The language was a bit confusing for the cert files I was provided, but there were 3 tabs from what I recall:  Machine Certs, Solution User Certs and Root Certs, which I thought I had uploaded properly.  There's some technique to be employed where combining certs to create a chain is necessary so that might have been why that part didn't work.  The problem now is, I can't get back to that manager GUI, and when I try to use the Certificate Manager via CLI, I'm getting errors trying to both upload what I did in the GUI and trying to reset to get back to square 1 and start over with, perhaps, a self-signed cert or something...

When I choose any of the options in the cert manager, including resetting all or generate certificates, no matter what I changed or what defaults I use for the config, it always seems to give errors "updating services", then it rolls back the changes it was trying to make.  Each time it takes roughly 15-20 minutes before I see that nothing has changed and I still can't get back into the GUI to manage the VMs, etc., and the browser just shows there's an invalid certificate (Chrome) or won't allow me to even proceed with caution (Firefox).  It says check the /var/[directory]/log for details, but the log only shows the errors that I get (maybe I'm not seeing the right thing?).  ANy assistance on this would be great as I need to get back into the system to manage and update the certificates ASAP.  Thanks.