TCA Manager displays the endpoints which TCA Manager and TCA Control plane communicate to in a single pane of view in Connected Endpoints page.
For each endpoint, you can see additional information such as Endpoint Type, Location, Status, and Certificate Expires in.
Last Connected At is shown for an endpoint when the status is Disconnected, or Protocol Error, so that user is aware when the TCA communicated with the endpoint successfully.
Supported Endpoints
Certificate Observability will automatically monitor the following endpoints without any user intervention on both TCA Manager and TCA Control Plane.
vCenter Server
NSX-T Manager
Harbor
Airgap Server
Kubernetes Clusters
TCA Control Plane
vRealize Orchestrator
Syslog Server
VMware Aria Operations for Logs
Active Directory
An Endpoint will be monitored in the Certificate Observability service only on successful consumption by TCA Manager or TCA Control Plane.
Endpoint Status
The following table lists the endpoint statuses:
Status |
Description |
---|---|
Disconnected |
TCA-Manager or TCA-Control Plane is unable to reach the endpoint. |
Protocol Error |
The endpoint is reachable, but the SSL handshake fails because of unsupported TLS versions. |
Untrusted |
The endpoint is reachable, but the SSL handshake fails because the endpoint certificate has not been imported in TCA. |
Expired |
The endpoint is reachable, but the SSL handshake fails because the expiry date on the endpoint certificate is in the past. |
Expiring |
The endpoint is reachable with a valid certificate, but the certificate is about to expire within 3 months. |
Modified |
The endpoint is reachable with a valid certificate which was recently modified. |
Connected |
The endpoint is reachable with a valid certificate. |
If the status of endpoint is Untrusted, follow the steps mentioned in Managing CA and Self-Signed Certificates and import the certificate to TCA system certificate store.