Vcenter CertificateManagement Vcenter SigningCertificate refresh
Refresh the vCenter signing certificate chain. The new signing certificate will be issued in accordance with vCenter CA policy and set as the active signing certificate for the vCenter token service. The certificate will immediately be used to sign tokens issued by vCenter token service. If a third-party/custom certificate has been configured as the signing certificate for compliance reasons, refresh may take vCenter out of compliance.
This operation was added in vSphere API 7.0.3.0.
Returns an authorization error if you do not have all of the privileges described as follows:
- Operation execution requires
CertificateManagement.Administer.
Request body for invoking operation: refresh
{
"force": false
}Will force refresh in environments that would otherwise prevent refresh from occurring, such as a mixed-version environment. Force refresh may leave systems in the local vCenter domain in a non-functional state until they are restarted.
If missing or null, then refresh will not be forced.
The signing certificate chain created during the refresh.
{
"cert_chain": [
"string"
]
}Certificate chain in base64 format
This property was added in vSphere API 6.7.2.
curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '{}' https://{api_host}/api/vcenter/certificate-management/vcenter/signing-certificate?action=refresh