Credential Store
Overview
Client applications that launch
automatically for unattended operations, such as cron jobs and software agents,
must be able to log in to the ESX/
ESXi
hosts
without user assistance.
The vSphere Web Services SDK provides client-side
credential store libraries and tools for automating the login process in a more
secure manner. After the credential store has been set up, system
administrators are no longer required to keep passwords in local scripts. The
credential store can be set up for an ESX/
ESXi
system, or
for a
vCenter Server
system. If an application authenticates itself to a
vCenter Server
system, it requires no additional authentication to access any of the
ESX/ESXi
systems
managed by that
vCenter Server
system.
The credential store consists of the following.
- A persistence file used to store authentication credentials. Currently, only passwords are supported. The persistence file maps a remote user account from an ESX/ESXihost to that user's password on the host.The passwords in the file are obfuscated but not encrypted. You must protect the file by other means and carefully control who can access it.
- vSphere Web Services SDK (C# and Java) and vSphere SDK for Perl libraries for programmatically managing the file. vSphere Web Services SDK and vSphere SDK for Perl access the same credential store.