Managed Object - CryptoManagerHost(vim.encryption.CryptoManagerHost)

Extended by
CryptoManagerHostKMS
Extends
CryptoManager
See also
CryptoKeyPlain
Since
vSphere API 6.7


Managed Object Description

Properties

Name Type Description
None
Properties inherited from CryptoManager
enabled

Methods

Methods defined in this Managed Object
ChangeKey_Task, CryptoManagerHostDisable, CryptoManagerHostEnable, CryptoManagerHostPrepare
Methods inherited from CryptoManager
AddKey, AddKeys, ListKeys, RemoveKey, RemoveKeys

ChangeKey_Task(changeKey)

Change the key used for core dump encryption Note: CryptoManagerHostEnable must be called first If successful, a "best effort" will be made to "in place" shallow recrypt any core dumps found in /var/core to use the new key.
Required Privileges
Cryptographer.RegisterHost

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the CryptoManagerHost used to make the method call.
newKey PCryptoKeyPlain

The key that replaces the existing core dump encryption key

Since vSphere API 6.7
P Required privilege: newKey

Return Value

Type Description
pbm.Task

Faults

Type Description
InvalidStateThrown if the host is not in vim.HostSystem.CryptoState#safe state
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None



CryptoManagerHostDisable(disable)

Disable encryption on host, if host was in crypto safe mode, put it in pendingIncapable state and host will be crypto incapable after a reboot Note: A reboot is expected from user after successfully invoking this API Note: Do not call this API if the host is in vSAN encrypted cluster
Required Privileges
Cryptographer.RegisterHost
Since
vSphere API 7.0

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the CryptoManagerHost used to make the method call.

Return Value

Type Description
None

Faults

Type Description
InvalidStateThrown if the host is already crypto disabled.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



CryptoManagerHostEnable(enable)

Begin core dump encryption by specifying the encryption key and put the host in vim.HostSystem.CryptoState#safe state Note: CryptoManagerHostPrepare must be called first
Required Privileges
Cryptographer.RegisterHost

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the CryptoManagerHost used to make the method call.
initialKey PCryptoKeyPlain

The key to be used for core dump encryption

Since vSphere API 6.7
P Required privilege: initialKey

Return Value

Type Description
None

Faults

Type Description
AlreadyExistsThrown if the host is in vim.HostSystem.CryptoState#safe state and initialKey differs from the existing core dump encryption key
InvalidStateThrown if the host is in vim.HostSystem.CryptoState#incapable state
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



CryptoManagerHostPrepare(prepare)

Prime the host to receive sensitive information and put the host in vim.HostSystem.CryptoState#prepared state
Required Privileges
Cryptographer.RegisterHost

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the CryptoManagerHost used to make the method call.

Return Value

Type Description
None

Faults

Type Description
InvalidStateThrown if the host is not in vim.HostSystem.CryptoState#incapable state
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition