The vpxd-extension solution user certificate has Server Authentication in Extended Key Usage but does not contain any Client Authentication value, such as TLS WWW client authentication or anyExtendedKeyUsage
Environment
vCenter Server 8.x
vCenter Server 7.x
Cause
This occurs when the vpxd-extension certificate has the Extended Key Usage value for Server Authentication without Client Authentication.
Resolution
To resolve this, regenerate the vpxd-extension certificate without Extended Key Usage or use "TLS WWW client authentication" in the values. It's also possible to use anyExtendedKeyUsage.