TCA Manager displays the endpoints which TCA Manager and TCA Control plane communicate to in a single pane of view in Connected Endpoints page.

For each endpoint, you can see additional information such as Endpoint Type, Location, Status, and Certificate Expires in.



Note:

Last Connected At is shown for an endpoint when the status is Disconnected, or Protocol Error, so that user is aware when the TCA communicated with the endpoint successfully.

Supported Endpoints

Certificate Observability will automatically monitor the following endpoints without any user intervention on both TCA Manager and TCA Control Plane.

  • vCenter Server

  • NSX-T Manager

  • Harbor

  • Airgap Server

  • Kubernetes Clusters

  • TCA Control Plane

  • vRealize Orchestrator

  • Syslog Server

  • VMware Aria Operations for Logs

  • Active Directory

Note:

An Endpoint will be monitored in the Certificate Observability service only on successful consumption by TCA Manager or TCA Control Plane.

Endpoint Status

The following table lists the endpoint statuses:

Status

Description

Disconnected

TCA-Manager or TCA-Control Plane is unable to reach the endpoint.

Protocol Error

The endpoint is reachable, but the SSL handshake fails because of unsupported TLS versions.

Untrusted

The endpoint is reachable, but the SSL handshake fails because the endpoint certificate has not been imported in TCA.

Expired

The endpoint is reachable, but the SSL handshake fails because the expiry date on the endpoint certificate is in the past.

Expiring

The endpoint is reachable with a valid certificate, but the certificate is about to expire within 3 months.

Modified

The endpoint is reachable with a valid certificate which was recently modified.

Connected

The endpoint is reachable with a valid certificate.

Note:

If the status of endpoint is Untrusted, follow the steps mentioned in Managing CA and Self-Signed Certificates and import the certificate to TCA system certificate store.