SecurityConfiguration

JSON Example

{
    "trusted_certificates": "string",
    "generate_vm_passwords": false,
    "opsmanager_root_ca_trusted_certs": false,
    "clear_default_trusted_certificates_store": false
}

string

trusted_certificates

Optional

Certificates that VMs created by the BOSH director should trust in addition to those packaged with the stemcell (PEM encoded; zero or more certs allowed)

boolean

generate_vm_passwords

Optional

Constraints: default: true

When enabled, Tanzu Ops Manager will generate unique VM passwords for all VMs in a BOSH deployment.

boolean

opsmanager_root_ca_trusted_certs

Optional

When enabled, all Tanzu Ops Manager Certificate Authorities will be appended to the list of trusted certificates and used as described above.

boolean

clear_default_trusted_certificates_store

Optional

When enabled, all certificates in the system certificate trust store are deleted every time BOSH deploys a VM. Certificates in the "opsmanager_root_ca_trusted_certs" property will still be trusted.

Property Of

DirectorProperties

PutDirectorProperties