Configure vSphere Trust Authority ComponentsLast Updated December 16, 2024
vSphere Trust Authority
ComponentsYou can use
HTTP requests
to perform Key Provider Service and Attestation Service management
operations.- Verify that you have access to a workingvSphere Trust Authorityenvironment.
- Verify that you have Trusted Infrastructure administrative privileges.
You can register, list, remove, and retrieve details
about Key Provider Service and Attestation Service instances.
Some operations require you to specify parameters
in the body of the HTTP request according to your
vSphere Trust Authority
environment.
For details about the syntax of each HTTP request body, see the API Reference
documentation.- Register a Key Provider Service instance in a WorkloadvCenter Server.The Key Provider Service instance is propagated to all WorkloadESXihosts that the WorkloadvCenter Servermanages.
- Register an Attestation Service instance in a WorkloadvCenter Server.The Attestation Service instance is propagated to all WorkloadESXihosts that the WorkloadvCenter Servermanages.
- List Key Provider Service instances registered in a WorkloadvCenter Serverby using filters.You receive the results that match your criteria in the response body. You can use the filtered list to retrieve the health status of the Key Provider Service instances.
- List Attestation Service instances registered in a WorkloadvCenter Serverby using filters.You receive the results that match your criteria in the response body. You can use the filtered list to retrieve the health status of the Attestation Service instances.
- Remove a registered Key Provider Service instance.The WorkloadESXihosts can no longer retrieve keys by using that Key Provider Service instance.
- Remove a registered Attestation Service instance.The WorkloadESXihosts can no longer attest that their configuration is secure by using that Attestation Service instance.
- Retrieve detailed information, including the certificates, for a registered Key Provider Service instance.You receive the details in the response body. You can use the retrieved information to verify the Key Provider Service instance.
- Retrieve detailed information, including the certificates, for a registered Attestation Service instance.You receive the details in the response body. You can use the retrieved information to verify the Attestation Service instance.