Managed Object - HostCertificateManager(vim.host.CertificateManager)

Property of
HostConfigManager
See also
HostCertificateManagerCertificateInfo, HostCertificateManagerCertificateSpec
Since
vSphere API 6.0


Managed Object Description

CertificateManager provides an interface for managing the SSL certificates used by the server.

Properties

Name Type Description
certificateInfo PHostCertificateManagerCertificateInfo

the CertificateInfo of the Host Certificate.
P Required privilege: Certificate.Manage

Methods

Methods defined in this Managed Object
GenerateCertificateSigningRequest, GenerateCertificateSigningRequestByDn, InstallServerCertificate, ListCACertificateRevocationLists, ListCACertificates, ReplaceCACertificatesAndCRLs, RetrieveCertificateInfoList

GenerateCertificateSigningRequest(generateCertificateSigningRequest)

Requests the server to generate a certificate-signing request (CSR) for itself. The CSR is then typically provided to a Certificate Authority to sign and issue the SSL certificate for the server. Use InstallServerCertificate to install this certificate.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.
useIpAddressAsCommonName Pxsd:boolean

if true, use host's management IP address as CN in the CSR; otherwise use host's FQDN.

Since vSphere API 6.0
spec* PHostCertificateManagerCertificateSpec

is used to generate CSR for selected certificate kind.

Since vSphere API 6.0
*Need not be set PRequired privilege - see tooltip for details

Return Value

Type Description
xsd:stringCSR in PEM format

Faults

Type Description
HostConfigFaultThrown if there's a problem generating the CSR.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



GenerateCertificateSigningRequestByDn(generateCertificateSigningRequestByDn)

Requests the server to generate a certificate-signing request (CSR) for itself. Alternative version similar to GenerateCertificateSigningRequest but takes a Distinguished Name (DN) as a parameter.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.
distinguishedName Pxsd:string

DN to be used as subject in CSR.

Since vSphere API 6.0
spec* PHostCertificateManagerCertificateSpec

is used to generate CSR for selected certificate kind

Since vSphere API 6.0
*Need not be set PRequired privilege - see tooltip for details

Return Value

Type Description
xsd:stringCSR in PEM format

Faults

Type Description
HostConfigFaultThrown if there's a problem generating the CSR.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



InstallServerCertificate(installServerCertificate)

Installs a given SSL certificate on the server.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.
cert Pxsd:string

SSL certificate in PEM format

Since vSphere API 6.0
P Required privilege: cert

Return Value

Type Description
None

Faults

Type Description
HostConfigFaultThrown if there's a problem with the input certificate.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



ListCACertificateRevocationLists(listCACertificateRevocationLists)

Fetches the SSL CRLs of Certificate Authorities that are trusted.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.

Return Value

Type Description
xsd:string[]SSL CRLs of trusted CAs in PEM format

Faults

Type Description
HostConfigFaultThrown if there's a problem with the certificate store.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



ListCACertificates(listCACertificates)

Fetches the SSL certificates of Certificate Authorities that are trusted.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.

Return Value

Type Description
xsd:string[]SSL certificates of trusted CAs in PEM format

Faults

Type Description
HostConfigFaultThrown if there's a problem with the certificate store.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



ReplaceCACertificatesAndCRLs(replaceCACertificatesAndCRLs)

Replaces the trusted Certificate Authority (CA) certificates and Certification Revocation List (CRL) used by the server with the provided values. These determine whether the server can verify the identity of an external entity.
Required Privileges
Certificate.Manage

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.
caCert Pxsd:string[]

List of SSL certificates, in PEM format, of all CAs that should be trusted

Since vSphere API 6.0
caCrl* Pxsd:string[]

List of SSL CRLs, in PEM format, issued by trusted CAs from the above list

Since vSphere API 6.0
*Need not be set PRequired privilege - see tooltip for details

Return Value

Type Description
None

Faults

Type Description
HostConfigFaultThrown if there's a problem with the input certificates or CRLs.
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition



RetrieveCertificateInfoList(retrieveCertificateInfoList)

the CertificateInfos of all known Certificates on the host
Required Privileges
Certificate.Manage
Since
8.0.1.0

Parameters

NameTypeDescription
_thisManagedObjectReference A reference to the HostCertificateManager used to make the method call.

Return Value

Type Description
HostCertificateManagerCertificateInfo[]

Faults

Type Description
RuntimeFaultThrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error.

Events

Type
None

Show WSDL type definition