I recently had a customer inquiry where they were interested in automating the certificate replacement for vCenter Solution Users when using the /usr/lib/vmware-vmca/bin/certificate-manager CLI, which is found within the vCenter Server Appliance (VCSA).
Note: One important thing to understand is that with vSphere 7.0, the vCenter Solution User certificates have been deprecated and the ability to replace the internal certificates will be removed in a future release as mentioned in the referenced vSphere blog post.
VMware does not recommend replacing the internal vCenter Solution User certificates, but for users who may have an organization requirement to do so, the operation is performed interactively using the certificate-manager CLI as mentioned earlier.
By design, the certificate-manager is meant to be consumed interactively and any non-interactive or automated use cases is not possible ...