Managed Object - CryptoManagerKmip(vim.encryption.CryptoManagerKmip)

A reference to the CryptoManagerKmip used to make the method call.

cluster P

[in] KMIP cluster.

Since vSphere API 6.5

P Required privilege: cluster

Return Value

Type	Description
xsd:string	A newly generated CSR.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateClientCsr" type="vim25:GenerateClientCsrRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateClientCsrResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

GenerateKey(generateKey)

Generate new encryption key.

Required Privileges: Cryptographer.ManageKeys

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

keyProvider* P

[in] Which provider will generate the key. If omitted, will use the default key provider.

Since vSphere API 6.5

*Need not be set P Required privilege: keyProvider

Return Value

Type	Description
CryptoKeyResult	The generated key.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateKey" type="vim25:GenerateKeyRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateKeyResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:CryptoKeyResult"/>
                     </sequence>
                  </complexType>
               </element>

GenerateSelfSignedClientCert(generateSelfSignedClientCert)

Generate a self-signed client certificate with its private key. This generates a self signed certificate as well as its private key. The private key will not be returned to caller for security protection. If this method is called again, the certificate and private key generated in the new invocation will overwrite the old ones. The generated certificate will not replace current working certificate until UpdateSelfSignedClientCert is called. The generated self signed certificate can be later retrieved by calling RetrieveSelfSignedClientCert.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster P

[in] KMIP cluster.

Since vSphere API 6.5

P Required privilege: cluster

Return Value

Type	Description
xsd:string	A new self-signed client certificate.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateSelfSignedClientCert" type="vim25:GenerateSelfSignedClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GenerateSelfSignedClientCertResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

GetDefaultKmsCluster(getDefaultKmsCluster)

Get the default KMS cluster of the specified managed entity.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

entity* P

ManagedObjectReference
to a ManagedEntity

[in] The entity where the default KMS cluster to get. If omitted, then return global default KMS cluster.

Since vSphere API 7.0

defaultsToParent* P

xsd:boolean

[in] (Optional, default = false) If set to true, then get the default kms cluster follow the entity hierarchy. That means if the entity has no default kms cluster, then try to get from its parent.

Since vSphere API 7.0

*Need not be set PRequired privilege - see tooltip for details

Return Value

Type	Description
KeyProviderId	The default kms cluster of the entity, if any.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GetDefaultKmsCluster" type="vim25:GetDefaultKmsClusterRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="GetDefaultKmsClusterResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:KeyProviderId" minOccurs="0"/>
                     </sequence>
                  </complexType>
               </element>

IsKmsClusterActive

Check whether an active KMS exists in cluster.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster* P

[in] KMIP cluster. Will use default cluster if omitted.

Since vSphere API 7.0

*Need not be set P Required privilege: cluster

Return Value

Type	Description
xsd:boolean	true if active KMS exists in cluster, false otherwise.

Faults

Type	Description
InvalidArgument	in case the cluster is not found.
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="IsKmsClusterActive" type="vim25:IsKmsClusterActiveRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="IsKmsClusterActiveResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:boolean"/>
                     </sequence>
                  </complexType>
               </element>

ListKmipServers(listKmipServers)

List the registered KMIP servers.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

limit* P

xsd:int

[in] maximum clusters to return.

Since vSphere API 6.5

*Need not be set P Required privilege: limit

Return Value

Type	Description
KmipClusterInfo[]	List of known KMIP servers grouped in clusters.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListKmipServers" type="vim25:ListKmipServersRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListKmipServersResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:KmipClusterInfo" minOccurs="0" maxOccurs="unbounded"/>
                     </sequence>
                  </complexType>
               </element>

ListKmsClusters(listKmsClusters)

List the KMS clusters information.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API 7.0

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the CryptoManagerKmip used to make the method call.
includeKmsServers* P	xsd:boolean	[in] Whether to list KMS servers information in the cluster. By default will not include the KMS servers information. *Since* vSphere API 7.0
managementTypeFilter* P	xsd:int	[in] The KMS cluster management type filter. Bit map values: 0x01 - Return VC managed Key Providers registered in the CryptoManager. 0x02 - Return Trusted Key Providers registered in the CryptoManager. 0x04 - Return Trusted Key Providers which are not registered with the CryptoManager. others - reserved, will be ignored If omitted or -1, then all kinds of Key Providers will be returned. *Since* vSphere API 7.0
statusFilter* P	xsd:int	[in] The Key Provider status filter. Bit map values: 0x01 - Return active Key Providers. 0x02 - Return inactive Key Providers. others - reserved, will be ignored If omitted or -1, then all status of Key Providers will be returned. *Since* vSphere API 7.0

*Need not be set PRequired privilege - see tooltip for details

Return Value

Type	Description
KmipClusterInfo[]	List of Key Providers.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListKmsClusters" type="vim25:ListKmsClustersRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="ListKmsClustersResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:KmipClusterInfo" minOccurs="0" maxOccurs="unbounded"/>
                     </sequence>
                  </complexType>
               </element>

MarkDefault(markDefault)

Set the default KMIP cluster.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusterId P

[in] KMIP cluster ID to become default.

Since vSphere API 6.5

P Required privilege: clusterId

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="MarkDefault" type="vim25:MarkDefaultRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="MarkDefaultResponse">
                  <complexType/>
               </element>

QueryCryptoKeyStatus(queryCryptoKeyStatus)

Check CryptoKey status, such as if VC can access the key, if the key is used by some VMs or as host key.

Required Privileges: Cryptographer.ManageKeys
Since: vSphere API 6.7.2

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

keyIds* P

CryptoKeyId[]

[in] The Crypto Key Ids to query.

Since vSphere API 6.7.2

checkKeyBitMap P

xsd:int

[in] The key state to check. Supported value: 0x01. check if key data is available to VC. 0x02. check the VMs which use that key. 0x04. check the hosts using this key as host key. 0x08. Check 3rd party program which use that key. Other bits - reserved and will be igonred.

Since vSphere API 6.7.2

*Need not be set PRequired privilege - see tooltip for details

Return Value

Type	Description
CryptoManagerKmipCryptoKeyStatus[]	The structure combined with key status. If bit in parameter is not set when invoke, the returned data in related CryptoKeyStatus will be unknown.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="QueryCryptoKeyStatus" type="vim25:QueryCryptoKeyStatusRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="QueryCryptoKeyStatusResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:CryptoManagerKmipCryptoKeyStatus" minOccurs="0" maxOccurs="unbounded"/>
                     </sequence>
                  </complexType>
               </element>

RegisterKmipServer(registerKmipServer)

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

server P

KmipServerSpec

[in] KMIP server connection information.

Since vSphere API 6.5

P Required privilege: server

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RegisterKmipServer" type="vim25:RegisterKmipServerRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RegisterKmipServerResponse">
                  <complexType/>
               </element>

RegisterKmsCluster(registerKmsCluster)

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusterId P

[in] KMS cluster ID to register.

Since vSphere API 7.0

managementType* P

xsd:string

[in] Key provider management type See KmipClusterInfoKmsManagementType for valid values. By default trustAuthority.

Since vSphere API 7.0

*Need not be set PRequired privilege - see tooltip for details

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RegisterKmsCluster" type="vim25:RegisterKmsClusterRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RegisterKmsClusterResponse">
                  <complexType/>
               </element>

RemoveKmipServer(removeKmipServer)

Remove a KMIP server, even if in use.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusterId P

[in] KMIP cluster ID.

Since vSphere API 6.5

serverName P

xsd:string

[in] KMIP server name.

Since vSphere API 6.5

PRequired privilege - see tooltip for details

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RemoveKmipServer" type="vim25:RemoveKmipServerRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RemoveKmipServerResponse">
                  <complexType/>
               </element>

RetrieveClientCert(retrieveClientCert)

Get the client certificate of the KMIP cluster.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster P

[in] KMIP cluster.

Since vSphere API 6.5

P Required privilege: cluster

Return Value

Type	Description
xsd:string	The client certificate.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveClientCert" type="vim25:RetrieveClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveClientCertResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

RetrieveClientCsr(retrieveClientCsr)

Get the generated client certificate signing request. If GenerateClientCsr is called previously, this will return the generated certificate signing request; otherwise return empty string.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster P

[in] KMIP cluster.

Since vSphere API 6.5

P Required privilege: cluster

Return Value

Type	Description
xsd:string	The CSR generated previously, if any.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveClientCsr" type="vim25:RetrieveClientCsrRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveClientCsrResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

RetrieveKmipServerCert(retrieveKmipServerCert)

Get the server certficate. In the case of error, an empty certificate string is returned.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

keyProvider P

[in] KMIP cluster in which the server is placed or will be created.

Since vSphere API 6.5

server P

KmipServerInfo

[in] KMIP server.

Since vSphere API 6.5

PRequired privilege - see tooltip for details

Return Value

Type	Description
CryptoManagerKmipServerCertInfo	Information about the server certificate.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveKmipServerCert" type="vim25:RetrieveKmipServerCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveKmipServerCertResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="vim25:CryptoManagerKmipServerCertInfo"/>
                     </sequence>
                  </complexType>
               </element>

RetrieveKmipServersStatus_Task(retrieveKmipServersStatus)

Get the status of the KMIP servers.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusters* P

KmipClusterInfo[]

[in] KMIP clusters and their servers.

Since vSphere API 6.5

*Need not be set P Required privilege: clusters

Return Value

Type	Description
ManagedObjectReference to a Task

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

RetrieveSelfSignedClientCert(retrieveSelfSignedClientCert)

Get the generated self signed client certificate. If GenerateSelfSignedClientCert is called previously, this will return the generated certificate; otherwise return empty string.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster P

[in] KMIP cluster.

Since vSphere API 6.5

P Required privilege: cluster

Return Value

Type	Description
xsd:string	The self signed certificate generated previously, if any.

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveSelfSignedClientCert" type="vim25:RetrieveSelfSignedClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="RetrieveSelfSignedClientCertResponse">
                  <complexType>
                     <sequence>
                        <element name="returnval" type="xsd:string"/>
                     </sequence>
                  </complexType>
               </element>

SetDefaultKmsCluster(setDefaultKmsCluster)

Set the default KMS cluster for the specified managed entity.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

entity* P

ManagedObjectReference
to a ManagedEntity

[in] The managed entity where the default KMS cluster to be set. Currently the valid managed entity could be cluster or host folder. If omitted, then will set global default KMS cluster.

Since vSphere API 7.0

clusterId* P

[in] KMS cluster ID to become default. If omitted, then will clear the default KMS cluster setting.

Since vSphere API 7.0

*Need not be set PRequired privilege - see tooltip for details

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="SetDefaultKmsCluster" type="vim25:SetDefaultKmsClusterRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="SetDefaultKmsClusterResponse">
                  <complexType/>
               </element>

UnregisterKmsCluster(unregisterKmsCluster)

Unregister the specified KMS cluster from the CryptoManager.

Required Privileges: Cryptographer.ManageKeyServers
Since: vSphere API 7.0

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

clusterId P

[in] KMS cluster ID to unregister.

Since vSphere API 7.0

P Required privilege: clusterId

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UnregisterKmsCluster" type="vim25:UnregisterKmsClusterRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UnregisterKmsClusterResponse">
                  <complexType/>
               </element>

UpdateKmipServer(updateKmipServer)

Update a KMIP server.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

server P

KmipServerSpec

[in] KMIP server connection information.

Since vSphere API 6.5

P Required privilege: server

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateKmipServer" type="vim25:UpdateKmipServerRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateKmipServerResponse">
                  <complexType/>
               </element>

UpdateKmsSignedCsrClientCert(updateKmsSignedCsrClientCert)

Set KMS server signed certificate as KMIP client certificate for the KMS cluster. This method should be called to update the certificate signed by KMS server from a CSR that is generated by calling GenerateClientCsr. If GenerateClientCsr is called more than once, the CSR that is generated last time should be used; otherwise the certificate will be rejected because the private key from last time won't match the public key in the certificate.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster P

[in] KMIP cluster.

Since vSphere API 6.5

certificate P

xsd:string

[in] Client certificate.

Since vSphere API 6.5

PRequired privilege - see tooltip for details

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateKmsSignedCsrClientCert" type="vim25:UpdateKmsSignedCsrClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateKmsSignedCsrClientCertResponse">
                  <complexType/>
               </element>

UpdateSelfSignedClientCert(updateSelfSignedClientCert)

Set a self-signed certificate as KMIP client certificate for the KMS cluster. This method should be called to update the certificate which is generated by calling GenerateSelfSignedClientCert. If GenerateSelfSignedClientCert is called more than once, the self signed certificate that is generated last time should be used; otherwise the certificate will be rejected because the private key from last time won't match the public key in the certificate.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster P

[in] KMIP cluster.

Since vSphere API 6.5

certificate P

xsd:string

[in] Client certificate.

Since vSphere API 6.5

PRequired privilege - see tooltip for details

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateSelfSignedClientCert" type="vim25:UpdateSelfSignedClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UpdateSelfSignedClientCertResponse">
                  <complexType/>
               </element>

UploadClientCert(uploadClientCert)

Set a client certificate with private key for the KMIP cluster. The certificate and private key can be assigned by a KMS server and the certificate might be already trusted by the KMS server.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the CryptoManagerKmip used to make the method call.
cluster P	KeyProviderId	[in] KMIP cluster. *Since* vSphere API 6.5
certificate P	xsd:string	[in] Client certificate. *Since* vSphere API 6.5
privateKey P	xsd:string	[in] Private key. *Since* vSphere API 6.5

PRequired privilege - see tooltip for details

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UploadClientCert" type="vim25:UploadClientCertRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vim25="urn:vim25" name="UploadClientCertResponse">
                  <complexType/>
               </element>

UploadKmipServerCert(uploadKmipServerCert)

Upload a server certficate.

Required Privileges: Cryptographer.ManageKeyServers

Parameters

Name

Type

Description

_this

A reference to the CryptoManagerKmip used to make the method call.

cluster P

[in] KMIP cluster.

Since vSphere API 6.5

certificate P

xsd:string

[in] Server certificate in PEM encoding.

Since vSphere API 6.5

PRequired privilege - see tooltip for details

Return Value

Type	Description
None

Faults

Type	Description
RuntimeFault	Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None