PowerCLI Reference

New-TrustAuthorityTpm2EndorsementKey

Synopsis

This cmdlet creates a new Trust Authority TPM 2.0 endorsement key in the specified Trust Authority cluster in the Trust Authority vCenter Server system.

Syntax

New-TrustAuthorityTpm2EndorsementKey [-TrustAuthorityCluster] <TrustAuthorityCluster> [-Certificate <X509Certificate2>] [-CertificateFile <String>] [-Confirm] -Name <String> [-PublicKey <SecureString>] [-PublicKeyFile <String>] [-Server <VIServer[]>] [-WhatIf] [<CommonParameters>]

New-TrustAuthorityTpm2EndorsementKey [-TrustAuthorityCluster] <TrustAuthorityCluster> [-Confirm] -FilePath <String> [-Server <VIServer[]>] [-WhatIf] [<CommonParameters>]

New-TrustAuthorityTpm2EndorsementKey [-TrustAuthorityCluster] <TrustAuthorityCluster> [-Confirm] [-Server <VIServer[]>] -Tpm2EndorsementKey <Tpm2EndorsementKey[]> [-WhatIf] [<CommonParameters>]

Related Commands

Get-Tpm2EndorsementKey
Export-Tpm2EndorsementKey
Get-TrustAuthorityTpm2EndorsementKey
Remove-TrustAuthorityTpm2EndorsementKey

Detailed Description

This cmdlet creates a new Trust Authority TPM 2.0 endorsement key in the specified Trust Authority cluster in the Trust Authority vCenter Server system.

Parameters

| Name | Type | Description | Required? | Pipeline Input | Default Value |
|---|---|---|---|---|---|
| TrustAuthorityCluster | TrustAuthorityCluster | Specifies the Trust Authority cluster in which you want to create a new Trust Authority TPM 2.0 endorsement key object. | true | True (ByValue) | |
| Certificate | X509Certificate2 | Specifies the certificate of the TPM 2.0 device from a workload virtual machine host server that you want to use to create a Trust Authority TPM 2.0 endorsement key object in the Trust Authority vCenter Server system. If both the Certificate and PublicKey parameters are specified, the Certificate parameter is first validated with the preconfigured CA certificates. Then the PublicKey parameter is validated with the Certificate. | false | False | |
| CertificateFile | String | Specifies the certificate file where you can find the TPM 2.0 device's certificate. | false | False | |
| Confirm | SwitchParameter | If the value is $true, indicates that the cmdlet asks for confirmation before running. If the value is $false, the cmdlet runs without asking for user confirmation. | false | False | |
| FilePath | String | Specifies the file where you can find the TPM 2.0 endorsement key. | true | False | |
| Name | String | Specifies the name of the new Trust Authority TPM 2.0 endorsement key that you want to create. | true | False | |
| PublicKey | SecureString | Specifies the TPM 2.0 device's public key in PEM format. | false | False | |
| PublicKeyFile | String | Specifies the file where you can find the TPM 2.0 device's public key. | false | False | |
| Server | VIServer[] | Specifies the vCenter Server systems on which you want to run the cmdlet. If no value is given to this parameter, the command runs on the default servers. For more information about default servers, see the description of the Connect-VIServer cmdlet. | false | False | |
| Tpm2EndorsementKey | Tpm2EndorsementKey[] | Specifies the TPM 2.0 endorsement key of the TPM 2.0 device from a workload virtual machine host server that you can use to create a Trust Authority TPM 2.0 endorsement key object in the Trust Authority vCenter Server system. | true | True (ByValue) | |
| WhatIf | SwitchParameter | Indicates that the cmdlet is run only to display the changes that would be made, without modifying any objects. | false | False | |

Return Type

VMware.VimAutomation.Security.Types.V1.TrustedInfrastructure.TrustAuthorityTpm2EndorsementKey

Notes

Examples

-------------------------- Example 1 --------------------------

Connect-VIServer -Server 1.1.1.1 -User root -Password mypasswd
$tpm2Ek = Get-Tpm2EndorsementKey -Server 1.1.1.1 -VMHost 1.1.1.1
New-TrustAuthorityTpm2EndorsementKey -TrustAuthorityCluster mycluster -Tpm2EndorsementKey $tpm2Ek -Server trustAuthoritySystem

Creates a Trust Authority TPM 2.0 endorsement key in the Trust Authority cluster mycluster from the TPM 2.0 endorsement key object $tpm2Ek. You can retrieve the TPM 2.0 endorsement key object from the connected workload virtual machine host server 1.1.1.1.

-------------------------- Example 2 --------------------------

Connect-VIServer -Server 1.1.1.1 -User root -Password mypasswd
Export-Tpm2EndorsementKey -Server 1.1.1.1 -FilePath c:\mypath -VMHost 1.1.1.1
New-TrustAuthorityTpm2EndorsementKey -TrustAuthorityCluster mycluster -FilePath c:\mypath -Server trustAuthoritySystem

Creates a Trust Authority TPM 2.0 endorsement key in the Trust Authority cluster mycluster from the c:\mypath file. You can export the TPM 2.0 endorsement key object from the connected workload virtual machine host server 1.1.1.1.

-------------------------- Example 3 --------------------------

Connect-VIServer -Server 1.1.1.1 -User root -Password mypasswd
$tpm2Ek = Get-Tpm2EndorsementKey -Server 1.1.1.1 -VMHost 1.1.1.1
New-TrustAuthorityTpm2EndorsementKey -TrustAuthorityCluster mycluster -Name mytpm2Ek -Certificate $tpm2Ek.Certificate -PublicKey $tpm2Ek.PublicKey -Server trustAuthoritySystem

Creates a Trust Authority TPM 2.0 endorsement key with the mytpm2Ek name in the Trust Authority cluster mycluster from each property of the Tpm2EndorsementKey object. You can retrieve the TPM 2.0 endorsement key object from the connected workload virtual machine host server 1.1.1.1.
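
The Certificate parameter description states that the certificate is validated with the preconfigured CA certificates and the public key is then validated with the certificate. The following added example (not VMware code and not the service's own validation) runs the same two checks locally so a mismatch shows up before registration. Test-EkMaterial, ConvertTo-SpkiPem and the $TrustedCa set are assumptions of this example, and the self-signed certificate is constructed sample input.

```powershell
# Added example, not VMware code. Requires PowerShell 7.2+ (.NET 6 APIs).
using namespace System.Security.Cryptography
using namespace System.Security.Cryptography.X509Certificates

function Test-EkMaterial {   # hypothetical helper name
    param(
        [X509Certificate2]   $Certificate,   # TPM 2.0 EK certificate
        [string]             $PublicKeyPem,  # assumed to be a SubjectPublicKeyInfo PEM
        [X509Certificate2[]] $TrustedCa      # assumed CA set; not read from Trust Authority
    )
    # Step 1: build the chain against the supplied CAs only (machine store ignored).
    $chain = [X509Chain]::new()
    $chain.ChainPolicy.TrustMode      = [X509ChainTrustMode]::CustomRootTrust
    $chain.ChainPolicy.RevocationMode = [X509RevocationMode]::NoCheck
    foreach ($ca in $TrustedCa) { [void]$chain.ChainPolicy.CustomTrustStore.Add($ca) }
    $chainOk = $chain.Build($Certificate)

    # Step 2: compare the PEM key with the certificate's SubjectPublicKeyInfo.
    # Decode and re-encode so line breaks in the PEM do not matter.
    $body     = ($PublicKeyPem -replace '-----[^-]+-----', '') -replace '\s', ''
    $keySpki  = [Convert]::ToBase64String([Convert]::FromBase64String($body))
    $certSpki = [Convert]::ToBase64String($Certificate.PublicKey.ExportSubjectPublicKeyInfo())

    [pscustomobject]@{
        ChainValid            = $chainOk
        ChainStatus           = ($chain.ChainStatus.Status -join ', ')
        KeyMatchesCertificate = ($keySpki -ceq $certSpki)   # -ceq: Base64 is case-sensitive
    }
}

function ConvertTo-SpkiPem([AsymmetricAlgorithm] $Key) {
    $b64 = [Convert]::ToBase64String($Key.ExportSubjectPublicKeyInfo(), 'InsertLineBreaks')
    "-----BEGIN PUBLIC KEY-----`n$b64`n-----END PUBLIC KEY-----"
}

# Constructed sample: a throwaway self-signed certificate stands in for the EK
# certificate and its CA; $other is an unrelated key that must not match.
$rsa   = [RSA]::Create(2048)
$other = [RSA]::Create(2048)
$req   = [CertificateRequest]::new('CN=Constructed EK', $rsa,
             [HashAlgorithmName]::SHA256, [RSASignaturePadding]::Pkcs1)
$req.CertificateExtensions.Add([X509BasicConstraintsExtension]::new($true, $false, 0, $true))
$cert  = $req.CreateSelfSigned([DateTimeOffset]::UtcNow.AddDays(-1), [DateTimeOffset]::UtcNow.AddDays(30))

Test-EkMaterial $cert (ConvertTo-SpkiPem $rsa)   @($cert)   # matching key
Test-EkMaterial $cert (ConvertTo-SpkiPem $other) @($cert)   # mismatched key
```

With a real EK certificate, its PEM public key and the CA certificates you expect it to chain to, a False in either field identifies which input to check before calling New-TrustAuthorityTpm2EndorsementKey with -Certificate and -PublicKey. The -WhatIf switch from the syntax above previews the registration itself.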


Copyright © VMware, Inc. All rights reserved.