esx attestation tpm2 endorsement keys: create
Add a new TPM endorsement key.
Request:
HTTP request
POST https://{server}/api/esx/attestation/tpm2/endorsement-keys
{
"public_key" : "string",
"name" : "obj-103",
"certificate" : "string"
}
Body Parameters:
Name | Type | Description |
---|---|---|
bold = required | ||
- | create_spec | The configuration. |
-.name | string | A unique name for the TPM endorsement key. The unique name should be something that an administrator can use to easily identify the remote system, for example the hostname or hardware UUID. When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.esx.attestation.tpm2.endorsement_keys. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.esx.attestation.tpm2.endorsement_keys. |
-.public_key | string | TPM public endorsement key in PEM format. Optional. If unset, esx.attestation.tpm2.endorsement_keys.create_spec.certificate must be set. |
-.certificate | string | TPM endorsement key certificate in PEM format. When an endorsement key certificate is provided, it will be verified against the CaCertificate list. EK certificates that are not signed by one of the CA certificates will be rejected. Using this format allows for failures to be caught during configuration rather than later during attestation. Optional. If unset, esx.attestation.tpm2.endorsement_keys.create_spec.public_key must be set. |
Response:
HTTP Status Code: 204
Headers:
None
Type:
None
Errors:
HTTP Status Code | Type | Description |
---|---|---|
400 | already_exists | if the endorsement key name exists. |
500 | error | if there is a generic error. |
400 | invalid_argument | if the configuration is invalid. |
401 | unauthenticated | if the caller is not authenticated. |
403 | unauthorized | if the caller is not authorized. |
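The body parameters above require `name` plus at least one of `public_key` or `certificate`, and only the certificate form is checked against the CaCertificate list. The following client-side pre-check is an added example, not VMware code: it builds the request body, rejects malformed or swapped PEM input before the call, and reports whether the entry will be CA-verified. The PEM labels, helper names and sample values are assumptions, and authentication is left to the caller.

```python
import base64
import binascii
import json
import re
import urllib.request

# Assumed PEM labels; the page only says "PEM format".
LABELS = {"public_key": "PUBLIC KEY", "certificate": "CERTIFICATE"}
_PEM = re.compile(r"\A-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.+?)\r?\n-----END \1-----\Z", re.S)

def check_pem(field, text):
    """Raise ValueError unless text is one PEM block with the label expected for field."""
    m = _PEM.match(text.strip())
    if not m:
        raise ValueError(f"{field}: not a single PEM block")
    if m.group(1) != LABELS[field]:
        raise ValueError(f"{field}: PEM label {m.group(1)!r}, expected {LABELS[field]!r}")
    try:
        base64.b64decode("".join(m.group(2).split()), validate=True)
    except binascii.Error as exc:
        raise ValueError(f"{field}: body is not valid base64") from exc

def build_create_spec(name, public_key=None, certificate=None):
    """Return (body, ca_verified); ca_verified is True only when a certificate is sent."""
    if not name or not name.strip():
        raise ValueError("name: must be a non-empty unique identifier")
    if public_key is None and certificate is None:
        raise ValueError("set public_key or certificate (one of them is required)")
    body = {"name": name}
    for field, value in (("public_key", public_key), ("certificate", certificate)):
        if value is not None:
            check_pem(field, value)
            body[field] = value
    return body, certificate is not None

def build_request(server, body):
    """Build (but do not send) the POST request shown on this page."""
    url = f"https://{server}/api/esx/attestation/tpm2/endorsement-keys"
    return urllib.request.Request(
        url, data=json.dumps(body).encode(), method="POST",
        headers={"Content-Type": "application/json"})

def make_pem(label, raw=b"constructed sample bytes, not a real key"):
    """Constructed sample PEM block, used only to exercise the checks."""
    b64 = base64.b64encode(raw).decode()
    return f"-----BEGIN {label}-----\n{b64}\n-----END {label}-----\n"
```

An entry created with `ca_verified` false relies entirely on the administrator having obtained the public key from a trusted source, since the server has no certificate chain to check.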