I figured it out.
It is again a certificate issue; however, this time the Lenovo server isn't to blame.
The Lenovo P2 has the certificate issue.. Namely, the phone doesn't have the issuer certificate for the Lenovo server in the Android certificate store.
To fix it, do the following:
Find a desktop browser of your liking (Firefox), and pull up the following website:
Then, click the padlock sign next to the address bar, followed by the right arrow and "More information".
Click on 'View Certificate".
Then click on the certificate on the middle of the page, of the three available "Secure Site Pro CA G2" (issuer certificate).
Scroll down to "Miscellaneous", and click on "Download PEM (cert)".
Move this file to your Lenovo P2.
Then, on the Lenovo P2, import the issuer certificate by navigating to Settings->Security->Credential Storage->Install From Storage.
The phone will open up a file browser intent, where you can select the certificate. It will then ask you how you want to import the certificate. Choose "VPN / apps". You can give it any name you like afterwards.
After all that, try to do the bootloader unlock by going to Settings->Developer Options->OEM Unlocking.
Create or sign into your Lenovo account, and boom! It should work!
You may have to log out and back in to get it to work, though.
Mine worked immediately, but of course by immediately I mean that the 14 day timer started.
I was connected over WiFi, but also had the Settings->About Phone->Participate in Lenovo Experience Program option turned on, as others have suggested. Additionally, I added my phone to my Lenovo account via the Lenovo App (https://play.google.com/store/apps/details?id=com.lenovo.serviceit).
The system clock does not have to be changed, because the Lenovo Bootloader Unlock Server certificate is valid until 2022-06-30.
There are probably thousands of ways to get a hold of the issuer certificate; Firefox (or other desktop browser) seems easiest. I couldn't coax Chrome on Android to download the certificate for me directly to the phone.
Also, you might have to import the Root CA certificate (DigiCert Global Root CA) as well, in case your phone does not have it.
DANGER, WILL ROBINSON!
I am not sure who "Secure Site Pro CA G2" is, so please do not assume you can trust them absolutely as being forever in your certificate store. You have been warned. In any case, once you nuke the bootloader and install a new OS, it won't matter anyways.
I was unable to even start the 14 days procedure. I transferred the attached file to the phone, simply click on it and load the certificate. Now 14 days countdown started with this method. Thank you very much.