Vcenter TrustedInfrastructure Hosts Hardware Tpm EndorsementKeys get
Get the TPM endorsement key details on a host.
The information returned is derived from executing the TPM2_ReadPublic command on the endorsement key object handle.
Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.4 TPM2_ReadPublic
This operation was added in vSphere API 8.0.0.1.
Returns an authorization error if you do not have all of the privileges described as follows:
- The resource HostSystem referenced by the parameter host requires Host.Tpm.Read.
Identifier of the host.
The parameter must be an identifier for the resource type: HostSystem.
The TPM identifier.
The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.
The endorsement key identifier.
The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKey.
The endorsement key info.
{
    "type": "string",
    "public_area": "string",
    "name": "string",
    "qualified_name": "string",
    "public_key": "string",
    "certificate": "string",
    "manufacturer_certificate_uri": "string",
    "manufacturer_certificates": {
        "cert_chain": [
            "string"
        ]
    }
}
The TPM endorsement key type.
For more information see: Vcenter TrustedInfrastructure Hosts Hardware Tpm EndorsementKeys Type.
This property was added in vSphere API 8.0.0.1.
The TPM endorsement key public area.
The public area is a TPM2B_PUBLIC structure.
Trusted Platform Module Library Part 2: Structures, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.2.5 TPM2B_PUBLIC
This property was added in vSphere API 8.0.0.1.
The TPM endorsement key name.
The name is a TPM2B_NAME structure.
Trusted Platform Module Library Part 2: Structures, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 10.5.3 TPM2B_NAME
This property was added in vSphere API 8.0.0.1.
The TPM endorsement key qualified name.
The qualified name is a TPM2B_NAME structure.
Trusted Platform Module Library Part 2: Structures, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 10.5.3 TPM2B_NAME
This property was added in vSphere API 8.0.0.1.
The TPM public endorsement key in PEM format.
This property was added in vSphere API 8.0.0.1.
If missing or null, the PEM format public key could not be determined.
The TPM endorsement key certificate in PEM format.
This property was added in vSphere API 8.0.0.1.
If missing or null, the certificate cannot be retrieved from the TPM.
The TPM endorsement key issuer URL extracted from the TPM endorsement key certificate.
This property was added in vSphere API 8.0.0.1.
If missing or null, the URI cannot be retrieved from the endorsement key certificate.
The TPM manufacturer's endorsement key certificate chain.
Endorsement key certificates are signed by the TPM manufacturer. When available, the manufacturer_certificates property will contain the TPM manufacturer's endorsement key certificate chain.
This property was added in vSphere API 8.0.0.1.
If missing or null, the certificate chain is not available.
if the arguments are invalid.
"Vapi Std Errors InvalidArgument Object"
if the caller is not authenticated.
"Vapi Std Errors Unauthenticated Object"
Indicates the authentication challenges applicable to the target API provider. It can be used by a client to discover the correct authentication scheme to use. The exact syntax of the value is defined by the specific provider, the protocol and authentication schemes used.
For example, a provider using REST may adhere to the WWW-Authenticate HTTP header specification, RFC7235, section 4.1. In this case an example challenge value may be: SIGN realm="27da1358-2ba4-11e9-b210-d663bd873d93",sts="http://vcenter/sso?vsphere.local", Basic realm="vCenter"
This property was added in vSphere API 7.0.0.0.
This property is optional because it was added in a newer version than its parent node.
if the caller is not authorized.
"Vapi Std Errors Unauthorized Object"
if the endorsement key, or the TPM device, or the host is not found.
"Vapi Std Errors NotFound Object"
if there is a generic error.
"Vapi Std Errors Error Object"
Stack of one or more localizable messages for human error consumers.
The message at the top of the stack (first in the list) describes the error from the perspective of the operation the client invoked.
Each subsequent message in the stack describes the "cause" of the prior message.
Data to facilitate clients responding to the operation reporting a standard error to indicate that it was unable to complete successfully.
Operations may provide data that clients can use when responding to errors. Since the data that clients need may be specific to the context of the operation reporting the error, different operations that report the same error may provide different data in the error. The documentation for each operation will describe what, if any, data it provides for each error it reports.
The Vapi Std Errors ArgumentLocations, Vapi Std Errors FileLocations, and Vapi Std Errors TransientIndication schemas are intended as possible values for this property. Vapi Std DynamicID may also be useful as a value for this property (although that is not its primary purpose). Some resources may provide their own specific schemas for use as the value of this property when reporting errors from their operations.
Some operations will not set this property when reporting errors.
Discriminator field to help API consumers identify the structure type.
For more information see: Vapi Std Errors Error Type.
This property was added in vSphere API 6.7.2.
Can be missing or null for compatibility with preceding implementations.
if too many requests are in progress.
"Vapi Std Errors ServiceUnavailable Object"
curl -H 'Authorization: <value>' https://{api_host}/api/vcenter/trusted-infrastructure/hosts/{host}/hardware/tpm/{tpm}/endorsement-keys/{key}
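A consistency check a client can run on the response, as an added example that is not part of the vSphere documentation: per the TPM 2.0 specification an object's name is its nameAlg identifier followed by the nameAlg digest of the TPMT_PUBLIC, so name can be recomputed from public_area. It assumes both properties arrive base64-encoded (the schema above only says "string"); the sample response is constructed and does not contain a real key.

```python
import base64
import hashlib
import struct

# TPM_ALG_ID values for hash algorithms (TPM 2.0 Library, Part 2).
NAME_ALGS = {0x0004: "sha1", 0x000B: "sha256", 0x000C: "sha384", 0x000D: "sha512"}


def unwrap_tpm2b(blob: bytes) -> bytes:
    """Strip and validate the 2-byte big-endian size prefix of a TPM2B_* structure."""
    if len(blob) < 2:
        raise ValueError("TPM2B structure shorter than its size field")
    (size,) = struct.unpack(">H", blob[:2])
    if size != len(blob) - 2:
        raise ValueError(f"TPM2B size {size} != payload length {len(blob) - 2}")
    return blob[2:]


def compute_name(public_area: bytes) -> bytes:
    """Derive the TPM2B_NAME (nameAlg || digest of TPMT_PUBLIC) from a TPM2B_PUBLIC."""
    tpmt_public = unwrap_tpm2b(public_area)
    if len(tpmt_public) < 4:
        raise ValueError("TPMT_PUBLIC too short to hold type and nameAlg")
    # TPMT_PUBLIC begins with type (2 bytes) followed by nameAlg (2 bytes).
    _obj_type, name_alg = struct.unpack(">HH", tpmt_public[:4])
    if name_alg not in NAME_ALGS:
        raise ValueError(f"unsupported nameAlg 0x{name_alg:04x}")
    digest = hashlib.new(NAME_ALGS[name_alg], tpmt_public).digest()
    name = struct.pack(">H", name_alg) + digest
    return struct.pack(">H", len(name)) + name


def name_matches_public_area(info: dict) -> bool:
    """True when the reported name is the one derived from the reported public_area."""
    # Assumption: both properties are base64 strings.
    public_area = base64.b64decode(info["public_area"], validate=True)
    name = base64.b64decode(info["name"], validate=True)
    unwrap_tpm2b(name)  # reject a name whose size field is inconsistent
    return name == compute_name(public_area)


# Constructed sample: type 0x0001 (RSA), nameAlg SHA-256, 32 filler bytes (not a real key).
SAMPLE_TPMT = struct.pack(">HH", 0x0001, 0x000B) + bytes(32)
SAMPLE_NAME = struct.pack(">HH", 34, 0x000B) + hashlib.sha256(SAMPLE_TPMT).digest()
SAMPLE_RESPONSE = {
    "public_area": base64.b64encode(struct.pack(">H", len(SAMPLE_TPMT)) + SAMPLE_TPMT).decode(),
    "name": base64.b64encode(SAMPLE_NAME).decode(),
}
```

A mismatch means the name and public_area in the response do not describe the same object, so neither should be used to identify the endorsement key.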