Vcenter TrustedInfrastructure TrustAuthorityClusters Attestation Tpm2 CaCertificates create$Task
This operation is deprecated as of vSphere API 8.0.3.0 and removed in vSphere API 9.0.0.0.
Add a new TPM CA certificate on a cluster.
This operation was added in vSphere API 7.0.0.0.
Returns an authorization error if you do not have all of the privileges described as follows:
- Operation execution requires
TrustedAdmin.ConfigureHostCertificates
. - The resource
ClusterComputeResource
referenced by the parameter cluster requiresSystem.View
.
The id of the cluster on which the operation will be executed.
The parameter must be an identifier for the resource type: ClusterComputeResource
.
The new CA certificate details.
Show optional properties
{
"name": "string"
}
{
"name": "string",
"cert_chain": {
"cert_chain": [
"string"
]
}
}
This property is deprecated as of vSphere API 8.0.3.0 and removed in vSphere API 9.0.0.0.
A unique name for the TPM CA certificate.
This property was added in vSphere API 7.0.0.0.
When clients pass a value of this schema as a parameter, the property must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.attestation.tpm2.CaCertificate
. When operations return a value of this schema as a response, the property will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.attestation.tpm2.CaCertificate
.
This property is deprecated as of vSphere API 8.0.3.0 and removed in vSphere API 9.0.0.0.
The CA certificate chain.
Certificates may either be added one at a time, or as a chain. Adding the certificates as a chain allows the group to be managed as a whole. For example, an entire chain can be deleted in one DELETE /vcenter/trusted-infrastructure/trust-authority-clusters/{cluster}/attestation/tpm2/ca-certificates/{name} operation.
When certificates are added one at a time, the order must be root first, followed by any intermediates. The intermediates certificates must also be ordered in the direction from root to leaf.
Similarly, when added as a chain the list must be ordered in the direction from root to leaf.
This property was added in vSphere API 7.0.0.0.
If missing or null
creation will fail.
Success!
Vapi Std Errors AlreadyExists if the certificate name exists.
Vapi Std Errors InvalidArgument if the configuration is invalid or the cluster id is empty.
"Vapi Std Errors Error Object"
Stack of one or more localizable messages for human error consumers.
The message at the top of the stack (first in the list) describes the error from the perspective of the operation the client invoked.
Each subsequent message in the stack describes the "cause" of the prior message.
Data to facilitate clients responding to the operation reporting a standard error to indicating that it was unable to complete successfully.
Operations may provide data that clients can use when responding to errors. Since the data that clients need may be specific to the context of the operation reporting the error, different operations that report the same error may provide different data in the error. The documentation for each each operation will describe what, if any, data it provides for each error it reports.
The Vapi Std Errors ArgumentLocations, Vapi Std Errors FileLocations, and Vapi Std Errors TransientIndication schemas are intended as possible values for this property. Vapi Std DynamicID may also be useful as a value for this property (although that is not its primary purpose). Some resources may provide their own specific schemas for use as the value of this property when reporting errors from their operations.
Some operations will not set this property when reporting errors.
Discriminator field to help API consumers identify the structure type.
For more information see: Vapi Std Errors Error Type.
This property was added in vSphere API 6.7.2.
Can be missing or null
for compatibility with preceding implementations.
if the caller is not authenticated.
"Vapi Std Errors Unauthenticated Object"
Indicates the authentication challenges applicable to the target API provider. It can be used by a client to discover the correct authentication scheme to use. The exact syntax of the value is defined by the specific provider, the protocol and authentication schemes used.
For example, a provider using REST may adhere to the WWW-Authenticate HTTP header specification, RFC7235, section 4.1. In this case an example challenge value may be: SIGN realm="27da1358-2ba4-11e9-b210-d663bd873d93",sts="http://vcenter/sso?vsphere.local", Basic realm="vCenter"
This property was added in vSphere API 7.0.0.0.
This property is optional because it was added in a newer version than its parent node.
if cluster doesn't match to any cluster in the vCenter.
"Vapi Std Errors NotFound Object"
if there is a generic error.
"Vapi Std Errors Error Object"
Stack of one or more localizable messages for human error consumers.
The message at the top of the stack (first in the list) describes the error from the perspective of the operation the client invoked.
Each subsequent message in the stack describes the "cause" of the prior message.
Data to facilitate clients responding to the operation reporting a standard error to indicating that it was unable to complete successfully.
Operations may provide data that clients can use when responding to errors. Since the data that clients need may be specific to the context of the operation reporting the error, different operations that report the same error may provide different data in the error. The documentation for each each operation will describe what, if any, data it provides for each error it reports.
The Vapi Std Errors ArgumentLocations, Vapi Std Errors FileLocations, and Vapi Std Errors TransientIndication schemas are intended as possible values for this property. Vapi Std DynamicID may also be useful as a value for this property (although that is not its primary purpose). Some resources may provide their own specific schemas for use as the value of this property when reporting errors from their operations.
Some operations will not set this property when reporting errors.
Discriminator field to help API consumers identify the structure type.
For more information see: Vapi Std Errors Error Type.
This property was added in vSphere API 6.7.2.
Can be missing or null
for compatibility with preceding implementations.
curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '{"name:"string"}' https://{api_host}/api/vcenter/trusted-infrastructure/trust-authority-clusters/{cluster}/attestation/tpm2/ca-certificates?vmw-task=true