When we try to add an ESXi Host to vCenter we get the following error “A general system error occurred: Unable to push CA certificates and CRLs to host XXXXXXX”
Modify the advanced configuration “Config.HostAgent.ssl.keyStore.allowSelfSigned” introduced in ESXi 6.7 Update 3 to ignore the Self Signed Certificates.
Connect to the ESXi using Host Client
Select Manage Tab
Select Advanced Settings
Locate the option “Config.HostAgent.ssl.keyStore.allowSelfSigned”
Edit the value from false to true
Reboot the ESXi host.
Retry adding the ESXi host to vCenter Server or certificate renew operation