VMware vCenter (version 8+) does not accept SSL certificates with SHA-1 root. PositiveSSL certificates are delivered with two certificate paths, a legacy path using a SHA-1 based root certificate, as well as a new one using a SHA-384 root certificate.
1. Import "USERTrust RSA Certification Authority" SHA2 root certificate into the Trustet Root Store. vCenter typically only shows self-signed or previously imported root certificates there.
2. Install your certificate including the SectigoRSADomainValidationSecureServerCA intermediate certificate instead of the CABundle. You can find SectigoRSADomainValidationSecureServerCA inside the InterSSL download of your SSL certificate.
Alternatively, we can offer you to switch the product to RapidSSL, where you will only receive a certificate path with SHA-256 root certificate.
