Virtual Storage Lifecycle Management API


Managed Object - HostCertificateManager(vim.host.CertificateManager)

Property of
HostConfigManager
See also
HostCertificateManagerCertificateInfo
Since
vSphere API Release 6.0


Managed Object Description

CertificateManager provides an interface for managing the SSL certificates used by the server.

Properties

Name Type Description
certificateInfo PHostCertificateManagerCertificateInfo

the CertificateInfo of the Host Certificate.
P Required privilege: Certificate.Manage

Methods

Methods defined in this Managed Object
GenerateCertificateSigningRequest, GenerateCertificateSigningRequestByDn, InstallServerCertificate, ListCACertificateRevocationLists, ListCACertificates, ReplaceCACertificatesAndCRLs

GenerateCertificateSigningRequest(generateCertificateSigningRequest)

Requests the server to generate a certificate-signing request (CSR) for itself. The CSR is then typically provided to a Certificate Authority to sign and issue the SSL certificate for the server. Use InstallServerCertificate to install this certificate.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.
useIpAddressAsCommonNamexsd:boolean

if true, use host's management IP address as CN in the CSR; otherwise use host's FQDN.

Since vSphere API Release 6.0

Return Value

Type Description
xsd:stringCSR in PEM format

Faults

Type Description
HostConfigFaultThrown if there's a problem generating the CSR.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



GenerateCertificateSigningRequestByDn(generateCertificateSigningRequestByDn)

Requests the server to generate a certificate-signing request (CSR) for itself. Alternative version similar to GenerateCertificateSigningRequest but takes a Distinguished Name (DN) as a parameter.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.
distinguishedNamexsd:string

DN to be used as subject in CSR.

Since vSphere API Release 6.0

Return Value

Type Description
xsd:stringCSR in PEM format

Faults

Type Description
HostConfigFaultThrown if there's a problem generating the CSR.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



InstallServerCertificate(installServerCertificate)

Installs a given SSL certificate on the server. The private key must have been previously generated by GenerateCertificateSigningRequest or provided by vim.host.CertificateManager#provisionServerPrivateKey.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.
certxsd:string

SSL certificate in PEM format

Since vSphere API Release 6.0

Return Value

Type Description
None

Faults

Type Description
HostConfigFaultThrown if there's a problem with the input certificate, or the certificate and key don't match.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



ListCACertificateRevocationLists(listCACertificateRevocationLists)

Fetches the SSL CRLs of Certificate Authorities that are trusted.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.

Return Value

Type Description
xsd:string[]SSL CRLs of trusted CAs in PEM format

Faults

Type Description
HostConfigFaultThrown if there's a problem with the certificate store.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



ListCACertificates(listCACertificates)

Fetches the SSL certificates of Certificate Authorities that are trusted.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.

Return Value

Type Description
xsd:string[]SSL certificates of trusted CAs in PEM format

Faults

Type Description
HostConfigFaultThrown if there's a problem with the certificate store.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



ReplaceCACertificatesAndCRLs(replaceCACertificatesAndCRLs)

Replaces the trusted Certificate Authority (CA) certificates and Certification Revocation List (CRL) used by the server with the provided values. These determine whether the server can verify the identity of an external entity.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.
caCertxsd:string[]

List of SSL certificates, in PEM format, of all CAs that should be trusted

Since vSphere API Release 6.0
caCrl*xsd:string[]

List of SSL CRLs, in PEM format, issued by trusted CAs from the above list

Since vSphere API Release 6.0
*Need not be set

Return Value

Type Description
None

Faults

Type Description
HostConfigFaultThrown if there's a problem with the input certificates or CRLs.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition