Certificate Management vCenter TLS APIs
The Tls interface provides operations to replace Tls certificate.
Operations
get
Get vCenter TLS
Returns the rhttpproxy TLS certificate. if you do not have all of the privileges described as follows: - Operation execution requires System.Read.
Returns the rhttpproxy TLS certificate. if you do not have all of the privileges described as follows: - Operation execution requires System.Read.
put
Set vCenter TLS
Replaces the rhttpproxy TLS certificate with the specified certificate. This operation can be used in three scenarios : 1. When the CSR is created and the private key is already stored, this operation can replace the certificate. The Tls.Spec.cert (but not Tls.Spec.key and Tls.Spec.root-cert) must be provided as input. 2. When the certificate is signed by a third party certificate authority/VMCA and the root certificate of the third party certificate authority/VMCA is already one of the trusted roots in the trust store, this operation can replace the certificate and private key. The Tls.Spec.cert and Tls.Spec.key (but not Tls.Spec.root-cert) must be provided as input. 3. When the certificate is signed by a third party certificate authority and the root certificate of the third party certificate authority is not one of the trusted roots in the trust store, this operation can replace the certificate, private key and root CA certificate. The Tls.Spec.cert,Tls.Spec.key and Tls.Spec.root-cert must be provided as input. After this operation completes, the services using the certificate will be restarted for the new certificate to take effect. The above three scenarios are only supported from vsphere 7.0 onwards. if you do not have all of the privileges described as follows: - Operation execution requires CertificateManagement.Administer.
Replaces the rhttpproxy TLS certificate with the specified certificate. This operation can be used in three scenarios : 1. When the CSR is created and the private key is already stored, this operation can replace the certificate. The Tls.Spec.cert (but not Tls.Spec.key and Tls.Spec.root-cert) must be provided as input. 2. When the certificate is signed by a third party certificate authority/VMCA and the root certificate of the third party certificate authority/VMCA is already one of the trusted roots in the trust store, this operation can replace the certificate and private key. The Tls.Spec.cert and Tls.Spec.key (but not Tls.Spec.root-cert) must be provided as input. 3. When the certificate is signed by a third party certificate authority and the root certificate of the third party certificate authority is not one of the trusted roots in the trust store, this operation can replace the certificate, private key and root CA certificate. The Tls.Spec.cert,Tls.Spec.key and Tls.Spec.root-cert must be provided as input. After this operation completes, the services using the certificate will be restarted for the new certificate to take effect. The above three scenarios are only supported from vsphere 7.0 onwards. if you do not have all of the privileges described as follows: - Operation execution requires CertificateManagement.Administer.
post
Renew vCenter TLS
Renews the TLS certificate for the given duration period. After this operation completes, the services using the certificate will be restarted for the new certificate to take effect. if you do not have all of the privileges described as follows: - Operation execution requires CertificateManagement.Administer.
Renews the TLS certificate for the given duration period. After this operation completes, the services using the certificate will be restarted for the new certificate to take effect. if you do not have all of the privileges described as follows: - Operation execution requires CertificateManagement.Administer.
post
Replace VMCA Signed vCenter TLS
Replace MACHINE SSL with VMCA signed one with the given Spec.The system will go for restart. After this operation completes, the services using the certificate will be restarted for the new certificate to take effect. if you do not have all of the privileges described as follows: - Operation execution requires CertificateManagement.Administer.
Replace MACHINE SSL with VMCA signed one with the given Spec.The system will go for restart. After this operation completes, the services using the certificate will be restarted for the new certificate to take effect. if you do not have all of the privileges described as follows: - Operation execution requires CertificateManagement.Administer.
