"Cannot configure identity source due to Invalid certificate bytes" when trying to save an AD over LDAPS identity source in VC 8.0 Update 2

Article ID: 326229

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Symptoms:
Trying to save an identity source with type "Active Directory over LDAPS" fails with an error message:
Cannot configure identity source due to Invalid certificate bytes.
When reviewing the log of the vSphere Client, /var/log/vmware/vsphere-ui/logs/vsphere_client_virgo.log, the following entry can be found:
[2023-10-09T16:14:56.371Z] [ERROR] tp-nio-127.0.0.1-5090-exec-1  com.vmware.vsphere.client.h5.pscui.controller.PscController      
Error while adding new Identity Source : sysops.local
java.lang.IllegalArgumentException: Invalid certificate bytes


Environment

VMware vCenter Server 8.0.2

Cause

This is caused by the certificate file containing Windows line endings (CR/LF).
Windows-formatted certificates are not currently supported in vCenter Server 8.0 Update 2.

Resolution

VMware engineering is aware of this problem and is currently working on a fix.

Workaround:
To work around this issue, change the file's line endings from CR/LF to Linux LF (for example by using Notepad++, as in the screenshot below) and save the change.

image.png

Alternatively, if the certificate file is on a Linux system, the file can be converted from Windows to Linux line endings using the sed command (replace <certificate file> with the correct filename):
# sed -i -e 's/\r$//' <certificate file>

Once the certificate has been saved with the correct formatting, restart the identity source wizard and select the corrected certificate file when prompted.
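
To confirm that a certificate file is affected and that the conversion changed nothing except the line endings, the check below can be run before uploading. It is an added example, not part of the original article or any VMware tooling; the function names has_cr, to_lf and make_sample are hypothetical, and the sample file is constructed and is not a real certificate.

```shell
#!/bin/sh
# Added example (not vendor code): detect CR/LF line endings in a PEM
# certificate file and write an LF-only copy, leaving the original untouched.

CR=$(printf '\r')   # literal carriage return, portable across sed/grep builds

# has_cr FILE: succeeds if FILE contains at least one CR byte
has_cr() {
    grep -q "$CR" "$1"
}

# to_lf SRC DST: strip a trailing CR from every line of SRC into DST, then
# verify the result. Returns non-zero if any check fails.
to_lf() {
    sed -e "s/${CR}\$//" "$1" > "$2" || return 1
    # DST must equal SRC with every CR ignored; this fails if a CR was left
    # in the middle of a line or if anything other than line endings changed
    tr -d '\r' < "$1" | cmp -s - "$2" || return 3
    # PEM armor lines must now match exactly, with nothing trailing
    grep -q '^-----BEGIN CERTIFICATE-----$' "$2" || return 4
    grep -q '^-----END CERTIFICATE-----$' "$2" || return 4
}

# make_sample FILE: constructed, non-functional PEM-shaped file with CR/LF
make_sample() {
    printf '%s\r\n' '-----BEGIN CERTIFICATE-----' \
        'Q09OU1RSVUNURUQgU0FNUExFIE9OTFk=' \
        '-----END CERTIFICATE-----' > "$1"
}

# When called with two arguments: <certificate file> <output file>
if [ "$#" -eq 2 ]; then
    if has_cr "$1"; then echo "CR/LF line endings found in $1"; fi
    to_lf "$1" "$2" && echo "LF-only copy written to $2"
fi
```

The original file is kept, so the converted copy can be compared against it before it is selected in the identity source wizard.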