Running Option 8 to reset all certs seems to have fixed my original issue and allows me to login to VCSA web UI although the cert manager didn't technically finish successfully all the way because one service wouldn't restart after it replaced the certs. The "wcp" service which is now the only vCenter service that won't start. This is preventing VCSA backups from being made now because it complains that not all required services are running so something is still messed up.
If I try to start the service from appliance management UI, it says starting for a few minutes then returns the error "Operation timed out" on top.
