COTV-5805: Unable to register vCenter to OTV due to "invalid certificate policies" error
Issue
A "tls: failed to parse certificate from server: x509: invalid certificate policies" error is seen when registering vCenter to OTV in the following scenario:
- vCenter is using a CA-signed certificate
- Extended validation is used with the vCenter leaf certificate or the Intermediate / Root certificates
- The "X509v3 Certificate Policies" extension on the Intermediate / Root certificates has a Policy field containing an OID segment whose value is over 4 bytes
A valid Policy field looks like:
Policy: 1.3.9999.712312.5.1.1
A problematic Policy field will look like:
Policy: 1.2.36.92661124436.1.1
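To check a certificate chain for this condition before registering vCenter, the following added example (not part of the original article or of OTV) scans the text form of a certificate for Policy OIDs with an oversized segment. It assumes the input is the output of `openssl x509 -noout -text`; the function names and the sample text are constructed for illustration, and the 4-byte threshold is the one stated above.

```python
import re

# Threshold taken from this article: an OID segment "over 4 bytes" is problematic.
MAX_SEGMENT_BYTES = 4

# Matches numeric "Policy: 1.2.3..." lines; named policies
# (for example "X509v3 Any Policy") are not numeric and are skipped.
POLICY_LINE = re.compile(r"^\s*Policy:\s*(\d+(?:\.\d+)+)\s*$")


def oversized_segments(oid, max_bytes=MAX_SEGMENT_BYTES):
    """Return the segments of a dotted OID whose value needs more than max_bytes bytes."""
    limit = (1 << (8 * max_bytes)) - 1
    return [int(seg) for seg in oid.split(".") if int(seg) > limit]


def find_problem_policies(cert_text, max_bytes=MAX_SEGMENT_BYTES):
    """Scan certificate text output and return {policy_oid: [oversized segments]}."""
    problems = {}
    for line in cert_text.splitlines():
        match = POLICY_LINE.match(line)
        if not match:
            continue
        oid = match.group(1)
        bad = oversized_segments(oid, max_bytes)
        if bad:
            problems[oid] = bad
    return problems


# Constructed sample: the two Policy values shown in this article, laid out
# the way they appear under the "X509v3 Certificate Policies" extension.
SAMPLE_TEXT = """\
        X509v3 Certificate Policies:
            Policy: 1.3.9999.712312.5.1.1
            Policy: 1.2.36.92661124436.1.1
"""

if __name__ == "__main__":
    for oid, bad in find_problem_policies(SAMPLE_TEXT).items():
        print(f"{oid}: segment(s) over {MAX_SEGMENT_BYTES} bytes: {bad}")
```

Run it against the leaf, Intermediate and Root certificates separately, since the oversized segment can be in any of them.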