This article provides workaround when encountered backup Native Key Provider failed by vCenter unset hostname.
Backup Native Key Provider failed.
The url of download backup file depends on hostname, so if vCenter unset hostname, the url can't be used to download the backup file.
VMware is aware of this issue and working to resolve this in a future release.
Workaround:
Follow the below Workaround:
Step 1: Using dcli export command, this gives a bearer token & file path
root@localhost [ ~ ]# dcli com vmware vcenter cryptomanager kms providers export --provider nkp_name
location:
download_token:
expiry: 2022-03-23T23:12:34.000Z
token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDgwNzcxNTQsInBhc3N3ZCI6Iip0eThqTy8wVnBYT1FNOUk1Z2tjRGh2aFdmRkt4WGVOZzI2T1J5ck1Iva21zL2twIn0.tSRvNMhYW5pwPIkv0T3bWuen5nUW_j2fnOtrwzJbBSU
url: https://localhost/cryptomanager/kms/nkp_name
Type: LOCATION
Step 2: Download the file:
replace localhost with vCenter IP in the url, and put token after Bearer.
wget 'https://172.16.33.132/cryptomanager/kms/nkp_name' --header 'Authorization: Bearer eyJhbGciOiJ...fnOtrwzJbBSU'
*** to list native key provider name run: dcli com vmware vcenter cryptomanager kms providers list - in this example nkp_name is the provider name ***