Solved: Getting HostTpmDigestInfo (PCR values) from the vC...

gmaddock · ‎11-26-2018

I'm working with a legacy API instance that connects to our vCenters to collect data about hosts and vms.

I was tasked with collecting the TPM PCR values for each host to do some daily validation.

I see a key on the host for 'runtime.tpmPcrValues', which looks like what I'm looking for. But when I query that for our hosts,

I'm getting the same PCR values for every host - which shouldn't be the case.

Is there a better way to collect this data via the SOAP API?

gmaddock · ‎11-30-2018

Found the answer to this question. The runtime values, at least in my environment are not populated.

To get the PCR values, I had to get the host object, then call the QueryTpmAttestationReport.

$object["_this"] = array( "_" => $host->_, "type" => "HostSystem");
$report = $this->client->QueryTpmAttestationReport($object);

gmaddock · ‎11-30-2018

Found the answer to this question. The runtime values, at least in my environment are not populated.

To get the PCR values, I had to get the host object, then call the QueryTpmAttestationReport.

$object["_this"] = array( "_" => $host->_, "type" => "HostSystem");
$report = $this->client->QueryTpmAttestationReport($object);

Getting HostTpmDigestInfo (PCR values) from the vCenter SOAP API