YYYY-MM-DDTHH:MM:SSZ error vpxd[06545] [Originator@6876 sub=CryptoManagerKmipWrapper opID=lv5da6ns-1348088-auto-sw6x-h5:70295756-51] Failed to create key on KMS-Server:5696 - Server Error:Invalid Message, Explanation:Some requested operations (EXPORT) is not allowed by policy
-->
YYYY-MM-DDTHH:MM:SSZ info vpxd[18454] [Originator@6876 sub=vpxLro opID=b1333e3e-dd17-443d-95ec-7cfec90ede4e Authz-33] [VpxLRO] -- BEGIN lro-407527276 -- AuthorizationManager -- vim.AuthorizationManager.hasUserPrivilegeOnEntities -- 52cce906-9d8e-4ec2-484a-e85ac7b9e982(52754c5d-1562-5d98-b381-77d1bbda83a1)
YYYY-MM-DDTHH:MM:SSZ info vpxd[18454] [Originator@6876 sub=UserDirectorySso opID=b1333e3e-dd17-443d-95ec-7cfec90ede4e Authz-33] GetUserInfoInternal(#\#, false) res: NAMXXX\xxxxxxxxxxxxxx
YYYY-MM-DDTHH:MM:SSZ info vpxd[18454] [Originator@6876 sub=vpxLro opID=b1333e3e-dd17-443d-95ec-7cfec90ede4e Authz-33] [VpxLRO] -- FINISH lro-407527276
YYYY-MM-DDTHH:MM:SSZ warning vpxd[06545] [Originator@6876 sub=CryptoManager opID=lv5da6ns-1348088-auto-sw6x-h5:70295756-51] Failed to generate key on key provider KMS-Server, error 7:
--> Reason:
--> Failed to generate key on KMS KMS-Server: QLC_ERR_GENERAL_ERROR
--> Custom attribites: (null)
-->

vCenter Server 7.0U3O

'Failed to create key' indicates that the vCenter attempted to create a key on the specified KMS server but was unsuccessful.

The KMS server returned the error stating that the operation was invalid as a result of the KMS server policy. 

The error points to an issue between the vCenter and the KMS server.

• Review the KMS configuration
• Enable the EXPORT operation on the KMS server