Customers who have used a Native Key Provider (NKP) to encrypt the configuration files and/or disks on VMs will be unable to do a cross-vCenter vMotion of those VMs unless the NKP from the source vCenter is imported to the destination vCenter.

The vMotion fails at 100% with the error "Unable to decrypt the ciphertext. Failed to decrypt the key"

Backup the Native Key Provider from the source vCenter using the following method:
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-E0EB371A-F6E4-463B-A1E9-9D4DDCAA039D.html

Restore the Native Key Provider to the destination vCenter using the following method:
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-6ABF2D5D-C9AD-4B65-97AB-AB66A06DDD5A.html

Re-attempt the cross-vCenter vMotion.