esx attestation report: tpm2 identity
The tpm2_identity structure contains a unique TPM 2.0 identifier for the remote host.

Representation:
{
    "ek_cert" : "string",
    "ek_pub" : "string"
}
Attributes:
Name | Type | Description |
---|---|---|
Optional | | |
ek_cert | string | TPM 2.0 endorsement key (EK) certificate. When an endorsement key certificate is available, all attestation requests should begin by sending it as the remote host's identity. The server will validate the certificate against a configured set of trusted TPM certificate authorities (CAs). Optional. If unset, esx.attestation.report.tpm2_identity.ek_pub must be specified. |
ek_pub | string | TPM 2.0 public endorsement key (EK). When an endorsement key certificate is not available, an attestation request may be made using the public part of the endorsement key instead. This identification method will only work if the server is configured to accept unsigned EKs, and the public key has been added to the trusted set. Not required when esx.attestation.report.tpm2_identity.ek_cert is specified. Optional. If unset, esx.attestation.report.tpm2_identity.ek_cert must be specified. |