diff --git a/inc/vCenter-SSL.ps1 b/inc/vCenter-SSL.ps1
index 245522be..74dc2256 100644
--- a/inc/vCenter-SSL.ps1
+++ b/inc/vCenter-SSL.ps1
@@ -1,10 +1,10 @@
 #!/usr/bin/env pwsh
 # -----------------------------------------------------------------------------------
-# Linux-safe vCenter + Posh-ACME Script (Fully Fixed)
-# - SSL validation bypass (Linux-compatible)
+# vCenter + Posh-ACME Script (Linux/macOS-safe)
+# - Uses -SkipCertificateCheck to bypass SSL validation
 # - Proper ErrorRecord handling
-# - PowerDNS plugin works (plain string API key)
-# - Fault-tolerant certificate handling
+# - PowerDNS plugin uses plain string API key
+# - Fault-tolerant ACME certificate handling
 # -----------------------------------------------------------------------------------
 
 . /opt/idssys/nodemgmt/conf/powerwall/settings.ps1
@@ -47,7 +47,7 @@ function Show-Failure {
 }
 
 # ----------------------------
-# HttpClient wrapper (TLS1.2, skip cert check, no decompression)
+# Invoke-RestMethod wrapper with SkipCertificateCheck
 # ----------------------------
 function Invoke-SafeRestMethod {
     param(
@@ -55,52 +55,30 @@ function Invoke-SafeRestMethod {
         [string]$Method = 'GET',
         [hashtable]$Headers = @{},
         $Body = $null,
-        [switch]$AsJson,
-        [int]$TimeoutSec = 60
+        [switch]$AsJson
     )
 
     try {
-        $handler = [System.Net.Http.HttpClientHandler]::new()
-        $handler.AutomaticDecompression = [System.Net.DecompressionMethods]::None
-        # Proper SSL bypass
-        $handler.ServerCertificateCustomValidationCallback = { param($sender, $cert, $chain, $sslPolicyErrors) return $true }
-
-        $client = [System.Net.Http.HttpClient]::new($handler)
-        $client.Timeout = [System.TimeSpan]::FromSeconds($TimeoutSec)
-
-        foreach ($k in $Headers.Keys) {
-            $client.DefaultRequestHeaders.Remove($k) | Out-Null
-            $client.DefaultRequestHeaders.Add($k, $Headers[$k])
+        $params = @{
+            Uri                  = $Uri
+            Method               = $Method
+            Headers              = $Headers
+            SkipCertificateCheck = $true
+            ErrorAction          = 'Stop'
         }
 
         if ($Body -ne $null) {
             if ($AsJson) {
-                $jsonBody = $Body | ConvertTo-Json -Depth 12 -Compress
-                $content = [System.Net.Http.StringContent]::new($jsonBody, [System.Text.Encoding]::UTF8, 'application/json')
+                $params.Body        = ($Body | ConvertTo-Json -Depth 12 -Compress)
+                $params.ContentType = 'application/json'
             } else {
-                $content = [System.Net.Http.StringContent]::new($Body)
+                $params.Body = $Body
             }
-        } else { $content = $null }
-
-        $methodObj = [System.Net.Http.HttpMethod]::$Method
-        $request = [System.Net.Http.HttpRequestMessage]::new($methodObj, $Uri)
-        if ($content) { $request.Content = $content }
-
-        $response = $client.SendAsync($request).GetAwaiter().GetResult()
-        $respBody = if ($response.Content) { $response.Content.ReadAsStringAsync().GetAwaiter().GetResult() } else { $null }
-
-        if ($response.IsSuccessStatusCode) {
-            if ($respBody -and $respBody.Trim().Length -gt 0) {
-                try { return $respBody | ConvertFrom-Json } catch { return $respBody }
-            } else { return $respBody }
-        } else {
-            throw [System.Net.Http.HttpRequestException]::new("HTTP $($response.StatusCode): $($response.ReasonPhrase)", $null, $response)
         }
+
+        return Invoke-RestMethod @params
     } catch {
         Show-Failure -ErrorRecord $_
-    } finally {
-        $client.Dispose()
-        $handler.Dispose()
     }
 }