What Is a Trusted Infrastructure

A Trusted Infrastructure consists of at least one vSphere Trust Authority Cluster, at least one Trusted Cluster, and at least one external KMIP-compliant key server. Each cluster contains ESXi hosts that run specific vSphere Trust Authority services, as shown in the following figure.

Configuring the Trust Authority Cluster enables two services:

• Attestation Service
• Key Provider Service

When you configure vSphere Trust Authority, the ESXi hosts in the Trusted Cluster communicate with the Attestation Service. The Key Provider Service interposes between the Trusted Hosts and one or more trusted key providers.

About the vSphere Trust Authority Attestation Service

The Attestation Service generates a signed document that contains assertions describing the binary and configuration state of the remote ESXi hosts in the Trusted Cluster. The Attestation Service attests the state of the ESXi hosts using a Trusted Platform Module (TPM) 2.0 chip as its basis for software measurement and reporting. The TPM on the remote ESXi host measures the software stack and sends the configuration data to the Attestation Service. The Attestation Service verifies that the software measurement signature can be attributed to a previously configured trusted TPM endorsement key (EK). The Attestation Service also ensures that the software measurement matches one of a set of previously blessed ESXi images. The Attestation Service signs a JSON Web Token (JWT) that it issues to the ESXi host, providing the assertions about the identity, validity, and configuration of the ESXi host.

What Is the vSphere Trust Authority Key Provider Service

The Key Provider Service removes the need for the vCenter Server and the ESXi hosts from requiring direct key server credentials. In vSphere Trust Authority, for an ESXi host to have access to an encryption key, it must authenticate with the Key Provider Service.

For the Key Provider Service to connect to a key server, the Trust Authority administrator must configure a trust setup. For most KMIP-compliant servers, configuring a trust setup involves configuring client and server certificates.

To ensure that the keys are released only to ESXi Trusted Hosts, the Key Provider Service acts as a gatekeeper to the key servers. The Key Provider Service hides the key server specifics from the rest of the data center software stack by using the concept of a trusted key provider. Each trusted key provider has a single configured primary encryption key, and references one or more key servers. The Key Provider Service can have several configured trusted key providers. For example, you might want to have a separate trusted key provider for each department in an organization. Each trusted key provider uses a different primary key, but can reference the same backing key server.

After you create a trusted key provider, the Key Provider Service can accept requests from the ESXi Trusted Hosts to run cryptographic operations against that trusted key provider.

When an ESXi Trusted Host requests operations against a trusted key provider, the Key Provider Service makes sure that the ESXi host that is trying to obtain the encryption key is attested. After passing all the checks, the ESXi Trusted Host receives encryption keys from the Key Provider Service.

What Ports Are Used by vSphere Trust Authority

The vSphere Trust Authority services listen for connections behind the ESXi host's reverse proxy. All communication occurs over HTTPS on port 443.

What Are vSphere Trust Authority Trusted Hosts

The ESXi Trusted Hosts are configured to use trusted key providers to perform cryptographic operations. The ESXi Trusted Hosts perform key operations by communicating to the Key Provider Service and the Attestation Service. For authentication and authorization, the ESXi Trusted Hosts use a token obtained from the Attestation Service. To get a valid token, the ESXi Trusted Host must successfully attest to the Attestation Service. The token contains certain claims that are used to decide whether the ESXi Trusted Host is authorized to access a trusted key provider.

vSphere Trust Authority and Key Servers

vSphere Trust Authority requires the use of at least one key server. In previous vSphere releases, a key server was called a Key Management Server or KMS. Currently, vSphere virtual machine encryption solution supports KMIP 1.1 compliant key servers.

How Does vSphere Trust Authority Store Configuration and State Information

vCenter Server is mostly a pass-through service for vSphere Trust Authority configuration and state information. Most vSphere Trust Authority configuration and state information is stored on the ESXi hosts in the ConfigStore database. Some state information is stored in the vCenter Server database as well.

How Does vSphere Trust Authority Integrate with vCenter Server

You configure separate vCenter Server instances to manage the Trust Authority Cluster and Trusted Cluster. See Configuring vSphere Trust Authority.

On a Trusted Cluster, the vCenter Server manages the Trust Authority API calls and passes them through to the ESXi hosts. The vCenter Server replicates the API calls across all ESXi hosts in the Trusted Cluster.

After you configure vSphere Trust Authority initially, you can add or remove ESXi hosts to or from a Trust Authority Cluster or a Trusted Cluster. See Adding and Removing vSphere Trust Authority Hosts.