When you try to configure the integration between the VMware NSX Manager and the vCenter Lookup Service you get the following error Initialization of STS Clients failed. Root Cause: The SSL certificate of STS service cannot be verified.
This is more of a work around than anything else, if you backup a stage and return to the pane where you configure the Lookup Service, if you change it to port 443, click OK and accept the certificate warning it then works correctly.
I always thought that the VMware Lookup Service operated over port 7444, not the typical HTTPS port of 443. The following VMware article supports this theory upto vSphere version 5.5. Although it does not seem to have been updated for vSphere 6. It would appear the port for the Lookup Service is now 443.
Using port 443 it integrates with the Lookup Service without problem.