Following error received when updating an existing Content Library to associate the OVF Security Policy:

• vSphere UI is inserting the "1:" incorrectly on existing Content Libraries.
• The issue should not be seen when applying the security policy to new Content Libraries.

Workaround

1. Delete and recreate the Content Library applying the OVF Security Policy at the time of creation.
2. Use API calls to apply the Security Policy to the Content Library.

• Set your variables:

VCENTER="<vCenter_FQDN>"   #(i.e. vcenter.domain.local)
VCENTER_USER="<vCenter_Username>"   #(i.e. [email protected])
VCENTER_PW="<vCenter_Password>"

• Assign a login Session ID to a variable to use in the rest of the commands:

SESSION_ID=$(curl -k -s -X POST -u "${VCENTER_USER}:${VCENTER_PW}" "https://${VCENTER}/api/session" -H 'Accept: application/json' | tr -d '\"')

• List your Library Security Policy to get the ID:

curl -k -X GET -H "vmware-api-session-id: ${SESSION_ID}" https://${VCENTER}/api/content/security-policies -H 'Accept: application/json' | jq

• List your Content Library IDs:

curl -k -X GET -H "vmware-api-session-id: ${SESSION_ID}" https://${VCENTER}/api/content/library -H 'Accept: application/json' | jq

• Display the Content Libraries to confirm you are working with the correct one: (replace <LibraryID> with the ID from the previous step)

curl -k -X GET -H "vmware-api-session-id: ${SESSION_ID}" https://${VCENTER}/api/content/library/<LibraryID> -H 'Accept: application/json' | jq

• Update the Content Library with the Security Policy ID:

curl -k -X PATCH -H "Content-Type: application/json" -H "vmware-api-session-id: ${SESSION_ID}" https://${VCENTER}/api/content/library/<LibraryID> \
-d '{"security_policy_id": "<SecurityPolicyID>"}'

• You can verify the change by displaying the content library again with the above command, or through a refresh of the UI.