IssueNodeCertificateResponse

IssueNodeCertificateResponse is the response for instances.issueNodeCertificate. It returns client and server certificates sealed with a challenge that only the owner of the EK/TPM can solve.

JSON representation

{
  "credential": string,
  "aeadKey": string,
  "sealedNodeCertificates": string
}

Fields

credential

string (bytes format)

A TPM credential that allows the TPM EK to decrypt aeadKey.

It is part of the 'Activate Credential' challenge that only the owner of the EK can solve to retrieve aeadKey.

A base64-encoded string.

aeadKey

string (bytes format)

A ciphertext that, once decrypted, yields the key used to unseal the sealedNodeCertificates field.

Part of the 'Activate Credential' challenge that only the owner of the EK can solve to retrieve this key.

A base64-encoded string.

sealedNodeCertificates

string (bytes format)

A NodeCertificates message, serialized and sealed using the unencrypted aeadKey.

The sealed value is of the form 'IV || CT || TAG'.

A base64-encoded string.
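
Added example (not part of the API reference or the service's own code): unsealing sealedNodeCertificates once the TPM 'Activate Credential' step has released the AEAD key. It assumes AES-256-GCM, which the page does not name; the function names, the all-zero key and the sample response are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/json"
	"fmt"
)

type response struct { // encoding/json base64-decodes strings into []byte
	Credential             []byte `json:"credential"`
	AeadKey                []byte `json:"aeadKey"`
	SealedNodeCertificates []byte `json:"sealedNodeCertificates"`
}

// newGCM assumes AES-GCM; the page does not name the AEAD algorithm.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// openResponse splits off the IV and lets Open verify CT || TAG.
func openResponse(body []byte, aead cipher.AEAD) ([]byte, error) {
	var r response
	if err := json.Unmarshal(body, &r); err != nil {
		return nil, err
	}
	n, sealed := aead.NonceSize(), r.SealedNodeCertificates
	if len(sealed) < n+aead.Overhead() {
		return nil, fmt.Errorf("sealed blob is %d bytes, shorter than IV plus TAG", len(sealed))
	}
	return aead.Open(nil, sealed[:n], sealed[n:], nil)
}

// sampleResponse builds a constructed body; the fixed IV is for the demo only.
func sampleResponse(aead cipher.AEAD, msg []byte) []byte {
	iv := make([]byte, aead.NonceSize())
	body, _ := json.Marshal(response{[]byte("cred"), []byte("enc"), aead.Seal(iv, iv, msg, nil)})
	return body
}

func main() {
	aead, _ := newGCM(make([]byte, 32)) // constructed stand-in for the TPM-released key
	out, err := openResponse(sampleResponse(aead, []byte("constructed NodeCertificates bytes")), aead)
	fmt.Printf("%s %v\n", out, err)
}
```

A failed tag check in Open means the key is wrong or the blob was modified, so the caller should discard the response rather than parse any part of it.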