Core identity services are part of every embedded deployment and every platform services node. VMCA is part of every VMware core identity services group. Use the management CLIs and the vSphere Client to interact with these services.
VMware core identity services include several components.
| Service | Description | Included in |
|---|---|---|
| VMware Directory Service (vmdir) | Handles SAML certificate management for authentication with vCenter Single Sign-On. | Platform Services Controller Embedded deployment |
| VMware Certificate Authority (VMCA) | Issues certificates for VMware solution users, machine certificates for machines on which services are running, and ESXi host certificates. VMCA can be used as is, or as an intermediary certificate authority. VMCA issues certificates only to clients that can authenticate to vCenter Single Sign-On in the same domain. |
Platform Services Controller Embedded deployment |
| VMware Authentication Framework Daemon (VMAFD) | Includes the VMware Endpoint Certificate Store (VECS) and several other authentication services. VMware administrators interact with VECS. The other services are used internally. | Platform Services Controller vCenter Server Embedded deployment |
