HA! You did the same thing I did. Followed Derek's blog on PKI followed by his vCenter 5.5 blog. The problem is with using his CAPolicy.inf file. He has AlternateSignatureAlgorithm enabled which turns on an unsupported signature algorithm. If you eliminate that line from the inf and reinstall you should be ok.
I found the issue when I compared my lab vCenter 5.1 deployment cert where when I created the PKI I just ran through the install and didn't use a capolicy.inf. The signature algorithms were different. That's when I found this one vCenter security doc that talks about what signature algorithms were and were not supported. The one Derek's installs was not supported!
hope that helps