Add-VITrustedCertificate
This cmdlet adds a certificate or certificate chain to the vCenter Server or ESXi trusted stores.To use this cmdlet, you must connect to vCenter Server through the Connect-VIServer cmdlet.Note: The certificate or certificate chain will be added to both the vCenter Server instance and the connected ESXi hosts unless you use the VCenterOnly or EsxOnly parameters.
Syntax
[-PemCertificateOrChain
<String[]>]
[-Server <VIServer>]
[-X509Certificate <X509Certificate[]>]
[-X509Chain <X509Chain[]>]
[CommonParameters]
[-Server <VIServer>]
[-X509Certificate <X509Certificate[]>]
[-X509Chain <X509Chain[]>]
[CommonParameters]
Parameters
| Required | Parameter Name | Type | Position | Features | Description |
|---|---|---|---|---|---|
| optional |
|
String[] | named |
|
Specifies a certificate or certificate chain in PEM format to be added to the vCenter Server and/or ESXi trusted stores. | optional |
|
VIServer | named |
|
optional |
|
X509Certificate[] | named |
|
Specifies a certificate as an X509Certificate object to be added to the vCenter Server and/or ESXi trusted stores. | optional |
|
X509Chain[] | named |
|
Specifies a certificate chain as an X509Chain object to be added to the vCenter Server and/or ESXi trusted stores. |
-EsxOnly
[-PemCertificateOrChain <String[]>]
[-Server <VIServer>]
[-X509Certificate <X509Certificate[]>]
[-X509Chain <X509Chain[]>]
[CommonParameters]
[-PemCertificateOrChain <String[]>]
[-Server <VIServer>]
[-X509Certificate <X509Certificate[]>]
[-X509Chain <X509Chain[]>]
[CommonParameters]
Parameters
| Required | Parameter Name | Type | Position | Features | Description |
|---|---|---|---|---|---|
| required |
|
SwitchParameter | named |
|
Specifies that the certificate or certificate chain must be added only to the trusted store of the ESXi hosts. | optional |
|
String[] | named |
|
Specifies a certificate or certificate chain in PEM format to be added to the vCenter Server and/or ESXi trusted stores. | optional |
|
VIServer | named |
|
optional |
|
X509Certificate[] | named |
|
Specifies a certificate as an X509Certificate object to be added to the vCenter Server and/or ESXi trusted stores. | optional |
|
X509Chain[] | named |
|
Specifies a certificate chain as an X509Chain object to be added to the vCenter Server and/or ESXi trusted stores. |
-VMHost
<VMHost[]>
[-PemCertificateOrChain <String[]>]
[-Server <VIServer>]
[-X509Certificate <X509Certificate[]>]
[-X509Chain <X509Chain[]>]
[CommonParameters]
[-PemCertificateOrChain <String[]>]
[-Server <VIServer>]
[-X509Certificate <X509Certificate[]>]
[-X509Chain <X509Chain[]>]
[CommonParameters]
Parameters
| Required | Parameter Name | Type | Position | Features | Description |
|---|---|---|---|---|---|
| required |
|
VMHost[] | named |
|
Specifies one or more ESXi hosts to whose trusted stores you want to add the certificate or certificate chain. | optional |
|
String[] | named |
|
Specifies a certificate or certificate chain in PEM format to be added to the vCenter Server and/or ESXi trusted stores. | optional |
|
VIServer | named |
|
optional |
|
X509Certificate[] | named |
|
Specifies a certificate as an X509Certificate object to be added to the vCenter Server and/or ESXi trusted stores. | optional |
|
X509Chain[] | named |
|
Specifies a certificate chain as an X509Chain object to be added to the vCenter Server and/or ESXi trusted stores. |
-VCenterOnly
[-PemCertificateOrChain <String[]>]
[-Server <VIServer>]
[-X509Certificate <X509Certificate[]>]
[-X509Chain <X509Chain[]>]
[CommonParameters]
[-PemCertificateOrChain <String[]>]
[-Server <VIServer>]
[-X509Certificate <X509Certificate[]>]
[-X509Chain <X509Chain[]>]
[CommonParameters]
Parameters
| Required | Parameter Name | Type | Position | Features | Description |
|---|---|---|---|---|---|
| required |
|
SwitchParameter | named |
|
Specifies that the certificate or certificate chain must be added only to the trusted store of the vCenter Server instance. | optional |
|
String[] | named |
|
Specifies a certificate or certificate chain in PEM format to be added to the vCenter Server and/or ESXi trusted stores. | optional |
|
VIServer | named |
|
optional |
|
X509Certificate[] | named |
|
Specifies a certificate as an X509Certificate object to be added to the vCenter Server and/or ESXi trusted stores. | optional |
|
X509Chain[] | named |
|
Specifies a certificate chain as an X509Chain object to be added to the vCenter Server and/or ESXi trusted stores. |
Output
Examples
Example 1
$caPem = Get-Content ca.pem -Raw
Add-VITrustedCertificate -PemCertificateOrChain $caPem
Adds the certificate from ca.pem to the trusted certificate stores of the vCenter Server and all the ESXi hosts connected to the vCenter system.
Example 2
$caPem = Get-Content ca.pem -Raw
Add-VITrustedCertificate -PemCertificateOrChain $caPem -VCenterOnly
Adds the certificate from ca.pem to the trusted certificate store of the vCenter Server system.
Example 3
$caPem = Get-Content ca.pem -Raw
Add-VITrustedCertificate -PemCertificateOrChain $caPem -EsxOnly
Adds the certificate from ca.pem to the trusted certificate stores of the ESXi hosts of the vCenter Server system, but not to the vCenter itself.
Example 4
$caPem = Get-Content ca.pem -Raw
Add-VITrustedCertificate -VMHost 'MyHost' -PemCertificateOrChain $caPem
Adds the certificate from ca.pem to the trusted certificate store of the 'MyHost' ESXi host.
Related Commands
VITrustedCertificate
This cmdlet adds a certificate or certificate chain to the vCenter Server or ESXi trusted stores.
This cmdlet retrieves information about the trusted certificates in a vCenter Server environment.
This cmdlet removes one or more certificates or certificate chains from the vCenter Server or ESXi trusted stores.
