Managed Object - HostCertificateManager(vim.host.CertificateManager)

Property of: HostConfigManager
See also: HostCertificateManagerCertificateInfo
Since: vSphere API 6.0

Managed Object Description

CertificateManager provides an interface for managing the SSL certificates used by the server.

Properties

Name	Type	Description
certificateInfo P	HostCertificateManagerCertificateInfo	the CertificateInfo of the Host Certificate.

P Required privilege: Certificate.Manage

Methods

Methods defined in this Managed Object
GenerateCertificateSigningRequest, GenerateCertificateSigningRequestByDn, InstallServerCertificate, ListCACertificateRevocationLists, ListCACertificates, ReplaceCACertificatesAndCRLs

GenerateCertificateSigningRequest(generateCertificateSigningRequest)

Requests the server to generate a certificate-signing request (CSR) for itself. The CSR is then typically provided to a Certificate Authority to sign and issue the SSL certificate for the server. Use InstallServerCertificate to install this certificate.

Required Privileges: Certificate.Manage

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the HostCertificateManager used to make the method call.
useIpAddressAsCommonName	xsd:boolean	if true, use host's management IP address as CN in the CSR; otherwise use host's FQDN.

Return Value

Type	Description
xsd:string	CSR in PEM format

Faults

Type	Description
HostConfigFault	Thrown if there's a problem generating the CSR.
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateCertificateSigningRequest" type="vim25:GenerateCertificateSigningRequestRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateCertificateSigningRequestResponse">
            <complexType>
               <sequence>
                  <element name="returnval" type="xsd:string"/>
               </sequence>
            </complexType>
         </element>

GenerateCertificateSigningRequestByDn(generateCertificateSigningRequestByDn)

Requests the server to generate a certificate-signing request (CSR) for itself. Alternative version similar to GenerateCertificateSigningRequest but takes a Distinguished Name (DN) as a parameter.

Required Privileges: Certificate.Manage

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the HostCertificateManager used to make the method call.
distinguishedName	xsd:string	DN to be used as subject in CSR.

Return Value

Type	Description
xsd:string	CSR in PEM format

Faults

Type	Description
HostConfigFault	Thrown if there's a problem generating the CSR.
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateCertificateSigningRequestByDn" type="vim25:GenerateCertificateSigningRequestByDnRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateCertificateSigningRequestByDnResponse">
            <complexType>
               <sequence>
                  <element name="returnval" type="xsd:string"/>
               </sequence>
            </complexType>
         </element>

InstallServerCertificate(installServerCertificate)

Installs a given SSL certificate on the server.

Required Privileges: Certificate.Manage

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the HostCertificateManager used to make the method call.
cert	xsd:string	SSL certificate in PEM format

Return Value

Type	Description
None

Faults

Type	Description
HostConfigFault	Thrown if there's a problem generating the CSR.
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="InstallServerCertificate" type="vim25:InstallServerCertificateRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="InstallServerCertificateResponse">
            <complexType/>
         </element>

ListCACertificateRevocationLists(listCACertificateRevocationLists)

Fetches the SSL CRLs of Certificate Authorities that are trusted.

Required Privileges: Certificate.Manage

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the HostCertificateManager used to make the method call.

Return Value

Type	Description
xsd:string[]	SSL CRLs of trusted CAs in PEM format

Faults

Type	Description
HostConfigFault	Thrown if there's a problem with the certificate store.
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListCACertificateRevocationLists" type="vim25:ListCACertificateRevocationListsRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListCACertificateRevocationListsResponse">
            <complexType>
               <sequence>
                  <element name="returnval" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
               </sequence>
            </complexType>
         </element>

ListCACertificates(listCACertificates)

Fetches the SSL certificates of Certificate Authorities that are trusted.

Required Privileges: Certificate.Manage

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the HostCertificateManager used to make the method call.

Return Value

Type	Description
xsd:string[]	SSL certificates of trusted CAs in PEM format

Faults

Type	Description
HostConfigFault	Thrown if there's a problem with the certificate store.
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListCACertificates" type="vim25:ListCACertificatesRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListCACertificatesResponse">
            <complexType>
               <sequence>
                  <element name="returnval" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
               </sequence>
            </complexType>
         </element>

ReplaceCACertificatesAndCRLs(replaceCACertificatesAndCRLs)

Replaces the trusted Certificate Authority (CA) certificates and Certification Revocation List (CRL) used by the server with the provided values. These determine whether the server can verify the identity of an external entity.

Required Privileges: Certificate.Manage

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the HostCertificateManager used to make the method call.
caCert	xsd:string[]	List of SSL certificates, in PEM format, of all CAs that should be trusted
caCrl*	xsd:string[]	List of SSL CRLs, in PEM format, issued by trusted CAs from the above list

*Need not be set

Return Value

Type	Description
None

Faults

Type	Description
HostConfigFault	Thrown if there's a problem if there's a problem with the input certificates or CRLs.
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ReplaceCACertificatesAndCRLs" type="vim25:ReplaceCACertificatesAndCRLsRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ReplaceCACertificatesAndCRLsResponse">
            <complexType/>
         </element>