Certificate Management Vcenter Tls APIs
The Tls interface provides operations to replace Tls certificate.
Operations
GET
Get Certificate Management Tls
Returns the rhttpproxy TLS certificate. if you do not have all of the privileges described as follows: - Operation execution requires System.Read.
PUT
Set Certificate Management Tls
Replaces the rhttpproxy TLS certificate with the specified certificate. This operation can be used in three scenarios : 1. When the CSR is created and the private key is already stored, this operation can replace the certificate. The Tls.Spec.cert (but not Tls.Spec.key and Tls.Spec.root-cert) must be provided as input. 2. When the certificate is signed by a third party certificate authority/VMCA and the root certificate of the third party certificate authority/VMCA is already one of the trusted roots in the trust store, this operation can replace the certificate and private key. The Tls.Spec.cert and Tls.Spec.key (but not Tls.Spec.root-cert) must be provided as input. 3. When the certificate is signed by a third party certificate authority and the root certificate of the third party certificate authority is not one of the trusted roots in the trust store, this operation can replace the certificate, private key and root CA certificate. The Tls.Spec.cert,Tls.Spec.key and Tls.Spec.root-cert must be provided as input. After this operation completes, the services using the certificate will be restarted for the new certificate to take effect. The above three scenarios are only supported from vsphere 7.0 onwards. if you do not have all of the privileges described as follows: - Operation execution requires CertificateManagement.Administer.
POST
Renew Tls
Renews the TLS certificate for the given duration period. After this operation completes, the services using the certificate will be restarted for the new certificate to take effect. if you do not have all of the privileges described as follows: - Operation execution requires CertificateManagement.Administer.
POST
Replace Vmca Signed Tls
Replace MACHINE SSL with VMCA signed one with the given Spec.The system will go for restart. After this operation completes, the services using the certificate will be restarted for the new certificate to take effect. if you do not have all of the privileges described as follows: - Operation execution requires CertificateManagement.Administer.