Import Trusted Certificate

Import Trusted Certificate
Import Trusted Certificate

Imports an X.509 certificate into the HCX Manager's trust store. The certificate can be provided directly as PEM string, via file upload, or fetched from a URL. Certificate is immediately available for use in SSL/TLS connections.

URL validation blocks loopback, link-local, and HCX Manager's own IP and prevents SSRF attacks by blocking internal endpoints

Request
URI
POST
https://{server}:9443/api/admin/certificates
COPY
Request Body
{
    "certificate": "string",
    "alias": "string"
}
Authentication
This operation uses the following authentication methods.
Responses
200

Certificate imported successfully

Returns CertificateRestResponse of type(s) application/json 
{
    "success": true,
    "completed": true,
    "time": 1753094523000,
    "version": "1.0",
    "data": {
        "items": [
            {
                "subject": "CN=vcenter.example.com, OU=Engineering, O=VMware, C=US",
                "issuer": "CN=VMware CA, OU=Engineering, O=VMware, C=US",
                "thumbprint": "a1b2c3d4e5f6789012345678901234567890abcd",
                "notBefore": "2023-01-01T00:00:00Z",
                "notAfter": "2025-12-31T23:59:59Z",
                "alias": "vcenter-root-ca"
            }
        ]
    }
}
boolean
success
Required

Indicates if the operation was successful

boolean
completed
Required

Indicates if the operation completed

integer As int64 As int64
time
Required

Unix timestamp in milliseconds

string
version
Optional

API version

string
protocol
Optional

Protocol version

string
fingerprint
Optional

Response fingerprint

object
data
Optional

Response data containing items array

array of object
errors
Optional

Array of error objects

array of object
warnings
Optional

Array of warning objects


400

Bad request - Invalid certificate or blocked URL

Returns CertificateRestResponse of type(s) application/json 
{
    "success": true,
    "completed": true,
    "time": 1753094523000,
    "version": "1.0",
    "protocol": "string",
    "fingerprint": "string",
    "data": {
        "items": [
            {}
        ]
    },
    "errors": [
        {
            "text": "string"
        }
    ],
    "warnings": [
        {
            "text": "string"
        }
    ]
}
boolean
success
Required

Indicates if the operation was successful

boolean
completed
Required

Indicates if the operation completed

integer As int64 As int64
time
Required

Unix timestamp in milliseconds

string
version
Optional

API version

string
protocol
Optional

Protocol version

string
fingerprint
Optional

Response fingerprint

object
data
Optional

Response data containing items array

array of object
errors
Optional

Array of error objects

array of object
warnings
Optional

Array of warning objects


500

Internal server error

Returns CertificateRestResponse of type(s) application/json 
{
    "success": false,
    "completed": true,
    "time": 1753094523000,
    "version": "1.0",
    "errors": [
        {
            "text": "Error in importing the certificate, please verify the certificate again."
        }
    ]
}
boolean
success
Required

Indicates if the operation was successful

boolean
completed
Required

Indicates if the operation completed

integer As int64 As int64
time
Required

Unix timestamp in milliseconds

string
version
Optional

API version

string
protocol
Optional

Protocol version

string
fingerprint
Optional

Response fingerprint

object
data
Optional

Response data containing items array

array of object
errors
Optional

Array of error objects

array of object
warnings
Optional

Array of warning objects


Code Samples
COPY
                    curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '[{}]' https://{api_host}/api/admin/certificates
On This Page
Certificate Management Operations
PUT
Apply Server Certificate
GET
List Trusted Certificates
POST
Import Trusted Certificate
DELETE
Delete Trusted Certificate
GET
Get Signed JWT Token