Test Search vSphere Web Services API

A reference to the CryptoManagerKmip used to make the method call.

cluster

CryptoManagerKmipCertSignRequest

[in] KMIP cluster.

Since vSphere API Release 6.5

request*

[in] Certificate sign request.

Since vSphere API Release 6.5

*Need not be set

Return Value

Type	Description
xsd:string	A newly generated CSR.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateClientCsr" type="vim25:GenerateClientCsrRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateClientCsrResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

GenerateKey(generateKey)

Generate new encryption key.

Required Privileges: Cryptographer.ManageKeys

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

keyProvider*

CryptoManagerKmipCustomAttributeSpec

[in] Which provider will generate the key. If omitted, will use the default key provider.

Since vSphere API Release 6.5

spec*

[in] The spec that contains custom attributes key/value pairs.

Since vSphere API Release 6.5

*Need not be set

Return Value

Type	Description
CryptoKeyResult	The generated key.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateKey" type="vim25:GenerateKeyRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateKeyResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:CryptoKeyResult"/>
                     </sequence>
                  </complexType>
               </element>

GenerateSelfSignedClientCert(generateSelfSignedClientCert)

Generate a self-signed client certificate with its private key. This generates a self signed certificate as well as its private key. The private key will not be returned to caller for security protection. If this method is called again, the certificate and private key generated in the new invocation will overwrite the old ones. The generated certificate will not replace current working certificate until UpdateSelfSignedClientCert is called. The generated self signed certificate can be later retrieved by calling RetrieveSelfSignedClientCert.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster

CryptoManagerKmipCertSignRequest

[in] KMIP cluster.

Since vSphere API Release 6.5

request*

[in] Certificate sign request.

Since vSphere API Release 6.5

*Need not be set

Return Value

Type	Description
xsd:string	A new self-signed client certificate.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateSelfSignedClientCert" type="vim25:GenerateSelfSignedClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateSelfSignedClientCertResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

GetDefaultKmsCluster(getDefaultKmsCluster)

Get the default KMS cluster of the specified managed entity.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API Release 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

entity*

ManagedObjectReference
to a ManagedEntity

[in] The entity where the default KMS cluster to get. If omitted, then return global default KMS cluster.

Since vSphere API Release 7.0

defaultsToParent*

xsd:boolean

[in] (Optional, default = false) If set to true, then get the default kms cluster follow the entity hierarchy. That means if the entity has no default kms cluster, then try to get from its parent.

Since vSphere API Release 7.0

*Need not be set

Return Value

Type	Description
KeyProviderId	The default kms cluster of the entity, if any.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GetDefaultKmsCluster" type="vim25:GetDefaultKmsClusterRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GetDefaultKmsClusterResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:KeyProviderId" minOccurs="0"/>
                     </sequence>
                  </complexType>
               </element>

IsKmsClusterActive

Check whether an active KMS exists in cluster.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API Release 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster*

[in] KMIP cluster. Will use default cluster if omitted.

Since vSphere API Release 7.0

*Need not be set

Return Value

Type	Description
xsd:boolean	true if active KMS exists in cluster, false otherwise.

Faults

Type	Description
InvalidArgument	in case the cluster is not found.
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="IsKmsClusterActive" type="vim25:IsKmsClusterActiveRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="IsKmsClusterActiveResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:boolean"/>
                     </sequence>
                  </complexType>
               </element>

ListKmipServers(listKmipServers)

List the registered KMIP servers.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

limit*

xsd:int

[in] maximum clusters to return.

Since vSphere API Release 6.5

*Need not be set

Return Value

Type	Description
KmipClusterInfo[]	List of known KMIP servers grouped in clusters.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListKmipServers" type="vim25:ListKmipServersRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListKmipServersResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:KmipClusterInfo" minOccurs="0" maxOccurs="unbounded"/>
                     </sequence>
                  </complexType>
               </element>

ListKmsClusters(listKmsClusters)

List the KMS clusters information.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API Release 7.0

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the CryptoManagerKmip used to make the method call.
includeKmsServers*	xsd:boolean	[in] Whether to list KMS servers information in the cluster. By default will not include the KMS servers information. *Since* vSphere API Release 7.0
managementTypeFilter*	xsd:int	[in] The KMS cluster management type filter. Bit map values: 0x01 - Return VC managed Key Providers registered in the CryptoManager. 0x02 - Return Trusted Key Providers registered in the CryptoManager. 0x04 - Return Trusted Key Providers which are not registered with the CryptoManager. 0x08 - Return Native Key Providers. others - reserved, will be ignored If omitted or -1, then all kinds of Key Providers will be returned. *Since* vSphere API Release 7.0
statusFilter*	xsd:int	[in] The Key Provider status filter. Bit map values: 0x01 - Return active Key Providers. 0x02 - Return inactive Key Providers. others - reserved, will be ignored If omitted or -1, then all status of Key Providers will be returned. *Since* vSphere API Release 7.0

*Need not be set

Return Value

Type	Description
KmipClusterInfo[]	List of Key Providers.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListKmsClusters" type="vim25:ListKmsClustersRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListKmsClustersResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:KmipClusterInfo" minOccurs="0" maxOccurs="unbounded"/>
                     </sequence>
                  </complexType>
               </element>

MarkDefault(markDefault)

Set the default KMIP cluster.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusterId

[in] KMIP cluster ID to become default.

Since vSphere API Release 6.5

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="MarkDefault" type="vim25:MarkDefaultRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="MarkDefaultResponse">
                  <complexType/>
               </element>

QueryCryptoKeyStatus(queryCryptoKeyStatus)

Check CryptoKey status, such as if VC can access the key, if the key is used by some VMs or as host key.

Required Privileges: Cryptographer.ManageKeys
Since: vSphere API Release 6.7.2

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

keyIds*

CryptoKeyId[]

[in] The Crypto Key Ids to query.

Since vSphere API Release 6.7.2

checkKeyBitMap

xsd:int

[in] The key state to check. Supported value: 0x01. check if key data is available to VC. 0x02. check the VMs which use that key. 0x04. check the hosts using this key as host key. 0x08. Check 3rd party program which use that key. Other bits - reserved and will be igonred.

Since vSphere API Release 6.7.2

*Need not be set

Return Value

Type	Description
CryptoManagerKmipCryptoKeyStatus[]	The structure combined with key status. If bit in parameter is not set when invoke, the returned data in related CryptoKeyStatus will be unknown.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="QueryCryptoKeyStatus" type="vim25:QueryCryptoKeyStatusRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="QueryCryptoKeyStatusResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:CryptoManagerKmipCryptoKeyStatus" minOccurs="0" maxOccurs="unbounded"/>
                     </sequence>
                  </complexType>
               </element>

RegisterKmipServer(registerKmipServer)

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

server

KmipServerSpec

[in] KMIP server connection information.

Since vSphere API Release 6.5

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RegisterKmipServer" type="vim25:RegisterKmipServerRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RegisterKmipServerResponse">
                  <complexType/>
               </element>

RegisterKmsCluster(registerKmsCluster)

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API Release 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusterId

[in] KMS cluster ID to register.

Since vSphere API Release 7.0

managementType*

xsd:string

[in] Key provider management type See KmipClusterInfoKmsManagementType for valid values. By default trustAuthority.

Since vSphere API Release 7.0

*Need not be set

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RegisterKmsCluster" type="vim25:RegisterKmsClusterRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RegisterKmsClusterResponse">
                  <complexType/>
               </element>

RemoveKmipServer(removeKmipServer)

Remove a KMIP server, even if in use.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusterId

[in] KMIP cluster ID.

Since vSphere API Release 6.5

serverName

xsd:string

[in] KMIP server name.

Since vSphere API Release 6.5

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RemoveKmipServer" type="vim25:RemoveKmipServerRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RemoveKmipServerResponse">
                  <complexType/>
               </element>

RetrieveClientCert(retrieveClientCert)

Get the client certificate of the KMIP cluster.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster

[in] KMIP cluster.

Since vSphere API Release 6.5

Return Value

Type	Description
xsd:string	The client certificate.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveClientCert" type="vim25:RetrieveClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveClientCertResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

RetrieveClientCsr(retrieveClientCsr)

Get the generated client certificate signing request. If GenerateClientCsr is called previously, this will return the generated certificate signing request; otherwise return empty string.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster

[in] KMIP cluster.

Since vSphere API Release 6.5

Return Value

Type	Description
xsd:string	The CSR generated previously, if any.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveClientCsr" type="vim25:RetrieveClientCsrRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveClientCsrResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

RetrieveKmipServerCert(retrieveKmipServerCert)

Get the server certficate. In the case of error, an empty certificate string is returned.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

keyProvider

[in] KMIP cluster in which the server is placed or will be created.

Since vSphere API Release 6.5

server

KmipServerInfo

[in] KMIP server.

Since vSphere API Release 6.5

Return Value

Type	Description
CryptoManagerKmipServerCertInfo	Information about the server certificate.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveKmipServerCert" type="vim25:RetrieveKmipServerCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveKmipServerCertResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:CryptoManagerKmipServerCertInfo"/>
                     </sequence>
                  </complexType>
               </element>

RetrieveKmipServersStatus_Task(retrieveKmipServersStatus)

Get the status of the KMIP servers.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusters*

KmipClusterInfo[]

[in] KMIP clusters and their servers.

Since vSphere API Release 6.5

*Need not be set

Return Value

Type	Description
ManagedObjectReference to a Task

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

RetrieveSelfSignedClientCert(retrieveSelfSignedClientCert)

Get the generated self signed client certificate. If GenerateSelfSignedClientCert is called previously, this will return the generated certificate; otherwise return empty string.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster

[in] KMIP cluster.

Since vSphere API Release 6.5

Return Value

Type	Description
xsd:string	The self signed certificate generated previously, if any.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveSelfSignedClientCert" type="vim25:RetrieveSelfSignedClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveSelfSignedClientCertResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

SetDefaultKmsCluster(setDefaultKmsCluster)

Set the default KMS cluster for the specified managed entity.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API Release 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

entity*

ManagedObjectReference
to a ManagedEntity

[in] The managed entity where the default KMS cluster to be set. Currently the valid managed entity could be cluster or host folder. If omitted, then will set global default KMS cluster.

Since vSphere API Release 7.0

clusterId*

[in] KMS cluster ID to become default. If omitted, then will clear the default KMS cluster setting.

Since vSphere API Release 7.0

*Need not be set

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="SetDefaultKmsCluster" type="vim25:SetDefaultKmsClusterRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="SetDefaultKmsClusterResponse">
                  <complexType/>
               </element>

SetKeyCustomAttributes(setKeyCustomAttributes)

Set crypto key's custom attributes.

Required Privileges: Cryptographer.ManageKeys
Since: vSphere API Release 8.0.1.0

Parameters

Name

Type

Description

_this

CryptoManagerKmipCustomAttributeSpec

A reference to the CryptoManagerKmip used to make the method call.

keyId

CryptoKeyId

[in] The crypto Key Id.

Since vSphere API Release 8.0.1.0

spec

[in] The spec that contains custom attributes key/value pairs.

Since vSphere API Release 8.0.1.0

Return Value

Type	Description
CryptoKeyResult	The structure combined with status and fail reason.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="SetKeyCustomAttributes" type="vim25:SetKeyCustomAttributesRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="SetKeyCustomAttributesResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:CryptoKeyResult"/>
                     </sequence>
                  </complexType>
               </element>

UnregisterKmsCluster(unregisterKmsCluster)

Unregister the specified KMS cluster from the CryptoManager.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API Release 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusterId

[in] KMS cluster ID to unregister.

Since vSphere API Release 7.0

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UnregisterKmsCluster" type="vim25:UnregisterKmsClusterRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UnregisterKmsClusterResponse">
                  <complexType/>
               </element>

UpdateKmipServer(updateKmipServer)

Update a KMIP server.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

server

KmipServerSpec

[in] KMIP server connection information.

Since vSphere API Release 6.5

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateKmipServer" type="vim25:UpdateKmipServerRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateKmipServerResponse">
                  <complexType/>
               </element>

UpdateKmsSignedCsrClientCert(updateKmsSignedCsrClientCert)

Set KMS server signed certificate as KMIP client certificate for the KMS cluster. This method should be called to update the certificate signed by KMS server from a CSR that is generated by calling GenerateClientCsr. If GenerateClientCsr is called more than once, the CSR that is generated last time should be used; otherwise the certificate will be rejected because the private key from last time won't match the public key in the certificate.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster

[in] KMIP cluster.

Since vSphere API Release 6.5

certificate

xsd:string

[in] Client certificate.

Since vSphere API Release 6.5

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateKmsSignedCsrClientCert" type="vim25:UpdateKmsSignedCsrClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateKmsSignedCsrClientCertResponse">
                  <complexType/>
               </element>

UpdateSelfSignedClientCert(updateSelfSignedClientCert)

Set a self-signed certificate as KMIP client certificate for the KMS cluster. This method should be called to update the certificate which is generated by calling GenerateSelfSignedClientCert. If GenerateSelfSignedClientCert is called more than once, the self signed certificate that is generated last time should be used; otherwise the certificate will be rejected because the private key from last time won't match the public key in the certificate.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster

[in] KMIP cluster.

Since vSphere API Release 6.5

certificate

xsd:string

[in] Client certificate.

Since vSphere API Release 6.5

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateSelfSignedClientCert" type="vim25:UpdateSelfSignedClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateSelfSignedClientCertResponse">
                  <complexType/>
               </element>

UploadClientCert(uploadClientCert)

Set a client certificate with private key for the KMIP cluster. The certificate and private key can be assigned by a KMS server and the certificate might be already trusted by the KMS server.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the CryptoManagerKmip used to make the method call.
cluster	KeyProviderId	[in] KMIP cluster. *Since* vSphere API Release 6.5
certificate	xsd:string	[in] Client certificate. *Since* vSphere API Release 6.5
privateKey	xsd:string	[in] Private key. *Since* vSphere API Release 6.5

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UploadClientCert" type="vim25:UploadClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UploadClientCertResponse">
                  <complexType/>
               </element>

UploadKmipServerCert(uploadKmipServerCert)

Upload a server certficate.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster

[in] KMIP cluster.

Since vSphere API Release 6.5

certificate

xsd:string

[in] Server certificate in PEM encoding.

Since vSphere API Release 6.5

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None