Create Trust Authority Clusters Attestation TPM2 CA Certificates Task
Add a new TPM CA certificate on a cluster.
Request
URLURL
https://{api_host}/api/vcenter/trusted-infrastructure/trust-authority-clusters/{cluster}/attestation/tpm2/ca-certificates?vmw-task=true
Path Parameters
Path Parameters
string
cluster
Required
The id of the cluster on which the operation will be executed. The parameter must be an identifier for the resource type: ClusterComputeResource.
Header Parameters
Header Parameters
string
vmware-api-session-id
Required
Required session ID, acquired from Create Session API under CIS product
vmware-api-session-id example
"b00db39f948d13ea1e59b4d6fce56389"
Request Body
Request Body
TrustedInfrastructureTrustAuthorityClustersAttestationTpm2CaCertificatesCreateSpec of mimetype application/json
Required
The new CA certificate details.
{
"name": "string"
}
string
name
Required
A unique name for the TPM CA certificate. When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.attestation.tpm2.CaCertificate. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.attestation.tpm2.CaCertificate.
cert_chain
Optional
The CA certificate chain. Certificates may either be added one at a time, or as a chain. Adding the certificates as a chain allows the group to be managed as a whole. For example, an entire chain can be deleted in one CaCertificates.delete operation.
When certificates are added one at a time, the order must be root first, followed by any intermediates. The intermediates certificates must also be ordered in the direction from root to leaf.
Similarly, when added as a chain the list must be ordered in the direction from root to leaf.
If unset creation will fail.
Authentication
This operation uses the following authentication methods.
Response
Response
Response BodyResponse Body
202 Accepted returns
string
of type application/json
An identifier for the task created by this API invocation will be returned. If the non-async version of the operation returns a value, this id can be used with the CIS Get Task operation to fetch that value. The normal description of this operation’s return value will follow if one exists.
Errors
400
com.vmware.vapi.std.errors.already_exists : if the certificate name exists. | com.vmware.vapi.std.errors.invalid_argument : if the configuration is invalid or the cluster id is empty.
404
com.vmware.vapi.std.errors.not_found : if cluster doesn’t match to any cluster in the vCenter.
default
‘Default’ means this response is used for all HTTP codes that are not covered individually for this operation.
Code Samples
PowerCLI Client SDK Example
$TrustedInfrastructureTrustAuthorityClustersAttestationTpm2CaCertificatesCreateSpec = Initialize-TrustedInfrastructureTrustAuthorityClustersAttestationTpm2CaCertificatesCreateSpec -Name "MyName"
Invoke-CreateClusterTpm2CaCertificatesAsync -Cluster "MyCluster" -TrustedInfrastructureTrustAuthorityClustersAttestationTpm2CaCertificatesCreateSpec $TrustedInfrastructureTrustAuthorityClustersAttestationTpm2CaCertificatesCreateSpec
PowerCLI Client SDK All Parameters Example
$TrustedInfrastructureX509CertChain = Initialize-TrustedInfrastructureX509CertChain -CertChain "MyCertChain"
$TrustedInfrastructureTrustAuthorityClustersAttestationTpm2CaCertificatesCreateSpec = Initialize-TrustedInfrastructureTrustAuthorityClustersAttestationTpm2CaCertificatesCreateSpec -Name "MyName" -CertChain $TrustedInfrastructureX509CertChain
Invoke-CreateClusterTpm2CaCertificatesAsync -Cluster "MyCluster" -TrustedInfrastructureTrustAuthorityClustersAttestationTpm2CaCertificatesCreateSpec $TrustedInfrastructureTrustAuthorityClustersAttestationTpm2CaCertificatesCreateSpec
cURL Command
curl -X POST -H "vmware-api-session-id: b00db39f948d13ea1e59b4d6fce56389" -H "Content-Type: application/json" -d '{"cert_chain":{"cert_chain":["string"]},"name":"string"}' https://{api_host}/api/vcenter/trusted-infrastructure/trust-authority-clusters/{cluster}/attestation/tpm2/ca-certificates?vmw-task=true
Vendor Extensions
This operation contains the following vendor extensions defined in the spec:
x-vmw-doc-operation: create_task
Availability
Added in 7.0.0.0
