esx attestation tpm2 settings: get
Return the TPM 2.0 protocol settings.
Request:
HTTP request
GET https://{server}/api/esx/attestation/tpm2/settings
Response:
HTTP Status Code: 200
Response Body Structure:
{
"require_endorsement_keys" : true,
"require_certificate_validation" : true
}
"require_endorsement_keys" : true,
"require_certificate_validation" : true
}
Headers:
NoneType:
| Name | Type | Description |
|---|---|---|
| bold = required | ||
| - | info | The settings. |
| -.require_endorsement_keys | boolean | Require registered TPM endorsement keys. During attestation, the attested host will always send its endorsement key to the Attestation Service. With this option is set, the Attestation Service will only proceed with attestation if the endorsement key has been added to the list of configured trusted endorsement keys. |
| -.require_certificate_validation | boolean | Require TPM endorsement key certificate validation. During attestation, the attested host will send its endorsement key certificate if one is available. With this option set, the Attestation Service will validate the endorsement key certificate against the list of configured trusted TPM CA certificates. Only endorsement key certificates that are signed by a trusted TPM CA certificate will be able to successfully attest. |
Errors:
| HTTP Status Code | Type | Description |
|---|---|---|
| 500 | error | if there is a generic error. |
| 401 | unauthenticated | if the caller is not authenticated. |
| 403 | unauthorized | if the caller is not authorized. |