Establish Trust Between Hosts in a vSphere Trust Authority Cluster and a Workload vCenter Server
vSphere Trust Authority
Cluster and a Workload vCenter Server
You can use
HTTP requests
to perform trust management operations.- Verify that you have access to a workingvSphere Trust Authorityenvironment.
- Verify that you have Trusted Infrastructure administrative privileges.
You can establish and remove trust between a
Workload
vCenter Server
and the hosts
in a vSphere Trust Authority
Cluster. You can also list all Workload vCenter Server
instances that have established trust with the host in a
vSphere Trust Authority
Cluster. Some operations require you to specify
parameters in the body of the HTTP request according to your
vSphere Trust Authority
environment.
For details about the syntax of each HTTP request body, see the API Reference
documentation.- Establish trust between avSphere Trust AuthorityCluster and a WorkloadvCenter Serverby creating a profile, so that the WorkloadvCenter Servercan retrieve the health status of thevSphere Trust Authoritycomponents.POST https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/consumer-principals?vmw-task=trueYou receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>
- Remove the trust between a WorkloadvCenter Serverand the hosts in thevSphere Trust AuthorityCluster, so that the WorkloadvCenter Serverstops using the hosts for attestation.DELETE https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/consumer-principals/<profile>?vmw-task=trueYou receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>
- List all profiles which thevSphere Trust AuthorityCluster trusts.POST https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/consumer-principals?action=query&vmw-task=trueYou receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>