NSX-T LB has been deprecated, but still exists in NSX-T 4.x. I find it convenient, and easy to manage, so i still use it in my vCloud Director deployment.
When upgrading from 10.4.0.1 to 10.5.0.0 it was apparent that the SSL Ciphers that VCD now supports have changed, which denied anyone to login to the vCloud Director interface.
I was using the default-balanced-client/server-ssl-profiles that come with NSX-T, which support a broad range of ciphers.
The change required was to create new custom cipher profiles for server/client.
These profiles only allow the specific ciphers that VCD now allow.
These profiles should be associated with both the Virtual Server object but also the Monitor object. If you don’t remember to change the Monitor profile your Monitor will keep your Virtual Server in a downed state since it can’t check the service is up and running.
Every day is a learning day 