Establish Trust Between Hosts in a vSphere Trust Authority Cluster and a Workload vCenter Server

You can use HTTP requests to perform trust management operations.
  • Verify that you have access to a working vSphere Trust Authority environment.
  • Verify that you have Trusted Infrastructure administrative privileges.
You can establish and remove trust between a Workload vCenter Server and the hosts in a vSphere Trust Authority Cluster. You can also list all Workload vCenter Server instances that have established trust with the host in a vSphere Trust Authority Cluster.
Some operations require you to specify parameters in the body of the HTTP request according to your vSphere Trust Authority environment. For details about the syntax of each HTTP request body, see the API Reference documentation.
  1. Establish trust between a vSphere Trust Authority Cluster and a Workload vCenter Server by creating a profile, so that the Workload vCenter Server can retrieve the health status of the vSphere Trust Authority components.
    POST https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/consumer-principals?vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>
  2. Remove the trust between a Workload vCenter Server and the hosts in the vSphere Trust Authority Cluster, so that the Workload vCenter Server stops using the hosts for attestation.
    DELETE https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/consumer-principals/<profile>?vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>
  3. List all profiles which the vSphere Trust Authority Cluster trusts.
    POST https://<vcenter_ip_address_or_fqdn>/api/vcenter/trusted-infrastructure/trust-authority-clusters/<cluster>/consumer-principals?action=query&vmw-task=true
    You receive the task ID in the response body. You can use the task ID to check the status of the task by running the following HTTP request.
    GET https://<vcenter_ip_address_or_fqdn>/api/cis/tasks/<task_ID>
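
The submit-then-poll pattern shared by the three steps, shown for the trust removal in step 2 as an added Python example (not VMware's code): the request counts as done only when the task reports success, so a failed or stalled removal is not mistaken for revoked trust. Assumptions: a session ID obtained beforehand and sent in the vmware-api-session-id header, the task ID returned as a JSON string, and task info with status, result and error fields; the helper names make_sender, run_task and remove_trust are hypothetical.

```python
import json
import time
import urllib.parse
import urllib.request


def make_sender(session_id):
    """Return send(method, url, body); urllib keeps TLS verification on by default."""
    def send(method, url, body=None):
        data = None if body is None else json.dumps(body).encode()
        req = urllib.request.Request(url, data=data, method=method)
        req.add_header("vmware-api-session-id", session_id)  # assumed session header
        if data is not None:
            req.add_header("Content-Type", "application/json")
        with urllib.request.urlopen(req, timeout=30) as resp:
            raw = resp.read()
        return json.loads(raw) if raw else None
    return send


def run_task(send, base, method, path, body=None, max_polls=60, sleep=time.sleep):
    """Submit a vmw-task=true request, poll the task, raise unless it SUCCEEDED."""
    task_id = send(method, base + path, body)  # assumed: body is the task ID string
    if not isinstance(task_id, str) or not task_id:
        raise RuntimeError("no task ID in response body")
    task_url = f"{base}/api/cis/tasks/{urllib.parse.quote(task_id, safe=':')}"
    for _ in range(max_polls):
        info = send("GET", task_url, None) or {}
        status = info.get("status")  # assumed field name and values
        if status == "SUCCEEDED":
            return info.get("result")
        if status == "FAILED":
            raise RuntimeError(f"task {task_id} failed: {info.get('error')}")
        sleep(2)  # still pending or running
    raise TimeoutError(f"task {task_id} did not finish after {max_polls} polls")


def remove_trust(send, base, cluster, profile, **kw):
    """Step 2: DELETE the profile and confirm that the removal task succeeded."""
    q = urllib.parse.quote
    path = ("/api/vcenter/trusted-infrastructure/trust-authority-clusters/"
            f"{q(cluster, safe='')}/consumer-principals/{q(profile, safe='')}?vmw-task=true")
    return run_task(send, base, "DELETE", path, **kw)
```

Against a real system, pass `make_sender(session_id)` as `send` and `https://<vcenter_ip_address_or_fqdn>` as `base`.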