Vcenter NamespaceManagement Supervisors Certificates UpdateSpec

Vcenter NamespaceManagement Supervisors Certificates UpdateSpec
Vcenter NamespaceManagement Supervisors Certificates UpdateSpec

The Vcenter NamespaceManagement Supervisors Certificates UpdateSpec schema contains updates to certificate(s) used by TLS endpoints for the given Supervisor.

This schema was added in vSphere API 9.1.0.0.

JSON Example
{
    "tls_endpoint_certificate": "string",
    "tls_endpoint_private_key": "string",
    "endpoint": "string"
}
string
tls_endpoint_certificate
Required

PEM-encoded x509 certificate(s) issued for Supervisor endpoints.

Certificate(s) used can be created by one of the two supported methods:

  1. By signing the Certificate Signing Request obtained from the Namespace Certificate Management API.
  2. By creating a certificate using public key cryptography. In such case the certificate Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate should be specified along with the private key Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_private_key used to generate the certificate.

Because a Kubernetes CertificateSigningRequest is created on an existing Namespaces-enabled cluster, you must use the Vcenter NamespaceManagement Supervisors Certificates UpdateSpec to specify this Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate on an existing Supervisor rather than during initially enabling Namespaces on a Supervisor.

In case of providing the trust chain, the certificates should be simply concatenated into a single string.

This property was added in vSphere API 9.1.0.0.

string As password As password
tls_endpoint_private_key
Optional

Private Key matching Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate.

When using certificates generated externally and not using Certificate Signing Request obtained from Namespace Certificate Management API, you should specify the private key which was used to generate the certificate Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate.

If you have externally generated key pairs, you can import your own public key certificates and key pairs.

This property was added in vSphere API 9.1.0.0.

If missing or null and Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate is specified then the Supervisor will attempt to find a matching key by comparing the public keys components that was generated with Certificate Signing Request and Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_certificate. Otherwise, Vcenter NamespaceManagement Supervisors Certificates UpdateSpec.tls_endpoint_private_key will not be modified.

string
endpoint
Required

TLS endpoint type for which certificate needs to be updated.

For more information see: Vcenter NamespaceManagement Supervisors Certificates EndpointType.

This property was added in vSphere API 9.1.0.0.

Parameter To