When trying to add or update an identity provider through SDDC Manager, an error is thrown, citing problems with BER/DER data.
The error message reads: Failed to create/update embedded identity source. java.io.IOException: Invalid BER/DER data (too huge?), Invalid BER/DER data (too huge?)
VCF 5.x
SDDC Manager 5.2.x
When adding an LDAPs provider, a certificate is required to verify the authenticity of the LDAPs domain controller. If the certificate file is corrupt or contains invalid content (e.g. blank space characters), the certificate data is treated as invalid. The LDAPs domain controller then fails to authenticate with VCF, and the identity provider cannot be added.
Generate a new certificate file to use for the LDAPs domain controller. Present this new certificate file to SDDC Manager when adding the Identity Provider.
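A pre-upload check for the two conditions named in the cause above, blank-space characters and corrupt content, given here as an added example that is not VMware code and not SDDC Manager's own validation logic. It assumes the file is a single PEM-encoded certificate; the function names are hypothetical, and the sample is a constructed DER blob rather than a real certificate.

```python
import base64
import textwrap

BEGIN, END = "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"

def der_framing_ok(der: bytes) -> bool:
    """True if der is one outer SEQUENCE whose declared length equals the data length."""
    if len(der) < 2 or der[0] != 0x30:
        return False
    if der[1] < 0x80:                          # short-form length
        header, length = 2, der[1]
    else:                                      # long form: next n bytes hold the length
        n = der[1] & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            return False
        header, length = 2 + n, int.from_bytes(der[2:2 + n], "big")
    return header + length == len(der)

def check_pem(text: str) -> list:
    """Return the problems found in a single-certificate PEM file (assumed format)."""
    lines = text.replace("\r\n", "\n").split("\n")
    if lines[-1] == "":
        lines.pop()                            # one trailing newline is normal
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        return ["BEGIN/END marker lines missing or not exact"]
    body = lines[1:-1]
    problems = [f"line {i}: blank or contains blank-space characters"
                for i, l in enumerate(body, start=2)
                if l == "" or any(c.isspace() for c in l)]
    try:
        # Decode with whitespace removed so corruption is reported separately.
        der = base64.b64decode("".join("".join(l.split()) for l in body), validate=True)
    except ValueError:
        return problems + ["body is not valid base64"]
    if not der_framing_ok(der):
        problems.append("decoded data is not one DER SEQUENCE of its declared length")
    return problems

# Constructed stand-in: a correctly framed DER SEQUENCE, not a real certificate.
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(256)
GOOD_PEM = "\n".join(
    [BEGIN, *textwrap.wrap(base64.b64encode(SAMPLE_DER).decode(), 64), END]) + "\n"

if __name__ == "__main__":
    for name, pem in [("good", GOOD_PEM), ("space", GOOD_PEM.replace("AAAA", "AA AA", 1))]:
        print(name, check_pem(pem) or "ok")
```

The check covers file hygiene and DER framing only; a file that passes can still fail a full X.509 parse, which `openssl x509 -in <file> -noout -text` performs.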
To add the identity provider with the new certificate: