Vcenter NamespaceManagement Supervisors Certificates update
Update TLS endpoint certificate/privatekey for the given Supervisor.
This operation was added in vSphere API 9.1.0.0.
Returns an authorization error if you do not have all of the privileges described as follows:
- The resource
com.vmware.vcenter.namespace_management.supervisor.Supervisorreferenced by the parameter supervisor requiresNamespaces.Manage.
Identifier for the Supervisor.
The parameter must be an identifier for the resource type: com.vmware.vcenter.namespace_management.supervisor.Supervisor.
Information about the tls endpoint certificate to be updated.
Show optional properties
{
"tls_endpoint_certificate": "string",
"endpoint": "string"
}{
"tls_endpoint_certificate": "string",
"tls_endpoint_private_key": "string",
"endpoint": "string"
}PEM-encoded x509 certificate(s) issued for Supervisor endpoints.
Certificate(s) used can be created by one of the two supported methods:
- By signing the Certificate Signing Request obtained from the Namespace Certificate Management API.
- By creating a certificate using public key cryptography. In such case the certificate Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate should be specified along with the private key Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_private_key used to generate the certificate.
Because a Kubernetes CertificateSigningRequest is created on an existing Namespaces-enabled cluster, you must use the Vcenter NamespaceManagement Supervisors Certificates UpdateSpec to specify this Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate on an existing Supervisor rather than during initially enabling Namespaces on a Supervisor.
In case of providing the trust chain, the certificates should be simply concatenated into a single string.
This property was added in vSphere API 9.1.0.0.
Private Key matching Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate.
When using certificates generated externally and not using Certificate Signing Request obtained from Namespace Certificate Management API, you should specify the private key which was used to generate the certificate Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate.
If you have externally generated key pairs, you can import your own public key certificates and key pairs.
This property was added in vSphere API 9.1.0.0.
If missing or null and Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate is specified then the Supervisor will attempt to find a matching key by comparing the public keys components that was generated with Certificate Signing Request and Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate. Otherwise, Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_private_key will not be modified.
TLS endpoint type for which certificate needs to be updated.
For more information see: Vcenter NamespaceManagement Supervisors Certificates EndpointType.
This property was added in vSphere API 9.1.0.0.
Success!
Vapi Std Errors NotAllowedInCurrentState if the associated Supervisor is being disabled.
Vapi Std Errors InvalidArgument if spec contains any errors.
Vapi Std Errors Unsupported if the Supervisor does not allow the update the certificate for the endpoint.
{
"messages": [
{
"id": "string",
"default_message": "string",
"args": [
"string"
],
"params": {
"params": {
"s": "string",
"dt": "string",
"i": 0,
"d": "number",
"l": {
"id": "string",
"params": {
"params": "Vapi Std LocalizationParam Object"
}
},
"format": "string",
"precision": 0
}
},
"localized": "string"
}
],
"data": {},
"error_type": "string"
}Stack of one or more localizable messages for human error consumers.
The message at the top of the stack (first in the list) describes the error from the perspective of the operation the client invoked.
Each subsequent message in the stack describes the "cause" of the prior message.
Data to facilitate clients responding to the operation reporting a standard error to indicating that it was unable to complete successfully.
Operations may provide data that clients can use when responding to errors. Since the data that clients need may be specific to the context of the operation reporting the error, different operations that report the same error may provide different data in the error. The documentation for each each operation will describe what, if any, data it provides for each error it reports.
The Vapi Std Errors ArgumentLocations, Vapi Std Errors FileLocations, and Vapi Std Errors TransientIndication schemas are intended as possible values for this property. Vapi Std DynamicID may also be useful as a value for this property (although that is not its primary purpose). Some resources may provide their own specific schemas for use as the value of this property when reporting errors from their operations.
Some operations will not set this property when reporting errors.
Discriminator field to help API consumers identify the structure type.
For more information see: Vapi Std Errors Error Type.
This property was added in vSphere API 6.7.2.
Can be missing or null for compatibility with preceding implementations.
if the user can not be authenticated.
{
"messages": [
{
"id": "string",
"default_message": "string",
"args": [
"string"
],
"params": {
"params": {
"s": "string",
"dt": "string",
"i": 0,
"d": "number",
"l": "Vapi Std NestedLocalizableMessage Object",
"format": "string",
"precision": 0
}
},
"localized": "string"
}
],
"data": {},
"error_type": "string",
"challenge": "string"
}Indicates the authentication challenges applicable to the target API provider. It can be used by a client to discover the correct authentication scheme to use. The exact syntax of the value is defined by the specific provider, the protocol and authentication schemes used.
For example, a provider using REST may adhere to the WWW-Authenticate HTTP header specification, RFC7235, section 4.1. In this case an example challenge value may be: SIGN realm="27da1358-2ba4-11e9-b210-d663bd873d93",sts="http://vcenter/sso?vsphere.local", Basic realm="vCenter"
This property was added in vSphere API 7.0.0.0.
This property is optional because it was added in a newer version than its parent node.
if the user does not have Namespaces.Manage privilege.
{
"messages": [
{
"id": "string",
"default_message": "string",
"args": [
"string"
],
"params": {
"params": {
"s": "string",
"dt": "string",
"i": 0,
"d": "number",
"l": "Vapi Std NestedLocalizableMessage Object",
"format": "string",
"precision": 0
}
},
"localized": "string"
}
],
"data": {},
"error_type": "string",
"challenge": "string"
}Indicates the authentication challenges applicable to the target API provider. It can be used by a client to discover the correct authentication scheme to use. The exact syntax of the value is defined by the specific provider, the protocol and authentication schemes used.
For example, a provider using REST may adhere to the WWW-Authenticate HTTP header specification, RFC7235, section 4.1. In this case an example challenge value may be: SIGN realm="27da158-2ba4-11e9-b",sts="http://vcenter/sso?vsphere.local", Basic realm="vCenter"
This property was added in vSphere API 9.1.0.0.
This property is optional because it was added in a newer version than its parent node.
if the Supervisor with the ID supervisor cannot be located.
{
"messages": [
{
"id": "string",
"default_message": "string",
"args": [
"string"
],
"params": {
"params": {
"s": "string",
"dt": "string",
"i": 0,
"d": "number",
"l": "Vapi Std NestedLocalizableMessage Object",
"format": "string",
"precision": 0
}
},
"localized": "string"
}
],
"data": {},
"error_type": "string"
}if the system reports an error while responding to the request.
{
"messages": [
{
"id": "string",
"default_message": "string",
"args": [
"string"
],
"params": {
"params": {
"s": "string",
"dt": "string",
"i": 0,
"d": "number",
"l": "Vapi Std NestedLocalizableMessage Object",
"format": "string",
"precision": 0
}
},
"localized": "string"
}
],
"data": {},
"error_type": "string"
}Stack of one or more localizable messages for human error consumers.
The message at the top of the stack (first in the list) describes the error from the perspective of the operation the client invoked.
Each subsequent message in the stack describes the "cause" of the prior message.
Data to facilitate clients responding to the operation reporting a standard error to indicating that it was unable to complete successfully.
Operations may provide data that clients can use when responding to errors. Since the data that clients need may be specific to the context of the operation reporting the error, different operations that report the same error may provide different data in the error. The documentation for each each operation will describe what, if any, data it provides for each error it reports.
The Vapi Std Errors ArgumentLocations, Vapi Std Errors FileLocations, and Vapi Std Errors TransientIndication schemas are intended as possible values for this property. Vapi Std DynamicID may also be useful as a value for this property (although that is not its primary purpose). Some resources may provide their own specific schemas for use as the value of this property when reporting errors from their operations.
Some operations will not set this property when reporting errors.
Discriminator field to help API consumers identify the structure type.
For more information see: Vapi Std Errors Error Type.
This property was added in vSphere API 6.7.2.
Can be missing or null for compatibility with preceding implementations.
curl -X PATCH -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '{"endpoint":"string","tls_endpoint_certificate":"string"}'