ESXi host Encryption Mode - Rekey an ESXi to use new Default Key Provider

Article ID: 384267

Products

VMware vSphere ESXi
VMware vSphere ESXi 7.0
VMware vCenter Server 7.0

Issue/Introduction

When you try to enable encryption on an ESXi host after changing the Key Provider from standard to native, the option to enable encryption is greyed out in the ESXi host's configuration in the vCenter UI.

If the old KMS server is powered off, you will see an error similar to the one below when trying to enable encryption from the Summary tab:

"A general runtime error occurred. Key ##################/KMS-Name not found"

The Encryption Mode for the ESXi host shows as disabled and cannot be enabled through the vCenter UI.

Environment

vCenter Server 7.0 
vSphere ESXi 7.0 

Cause

References to the old Key Provider are still present, so enabling encryption on the ESXi host through the vCenter UI, to have it use the new default Key Provider, does not complete successfully.

Resolution

Apply the steps below through the MOB (Managed Object Browser) at https://vcenter-fqdn/mob

NOTE: Ensure the ESXi host is not in Maintenance Mode.

Once logged in as an SSO administrator, follow the steps below:

1. Select Content > group d1 > datacenter name > Select ESXi Host

2. Navigate to the ConfigureCryptoKey option and enter the Default Key Name as seen in the vCenter UI.

Enter the Key Provider name in the highlighted field.

3. Select Invoke Method.

4. Navigate back to the vCenter UI for the affected ESXi host and confirm that Encryption Mode can be enabled.
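
The same ConfigureCryptoKey call can be scripted with PowerCLI, with the maintenance-mode check and a before/after read of the host's crypto state. This is an added example, not part of the original article or Broadcom's tooling. It assumes an existing `Connect-VIServer` session as an SSO administrator, and that the Key Provider name belongs in the `providerId.id` field of the method's `keyId` parameter with the key ID itself left empty; the host and provider names are placeholders you supply.

```powershell
# Added example: scripted equivalent of the MOB steps above (not vendor code).
# Assumes PowerCLI is loaded and Connect-VIServer has already been run.
param(
    [Parameter(Mandatory)] [string] $VMHostName,      # placeholder: affected ESXi host name
    [Parameter(Mandatory)] [string] $KeyProviderName  # default Key Provider name as shown in the vCenter UI
)

$ErrorActionPreference = 'Stop'

# Locate the host's managed object (the object selected in step 1).
$filter   = @{ Name = '^' + [regex]::Escape($VMHostName) + '$' }
$hostView = Get-View -ViewType HostSystem -Filter $filter -Property Name, Runtime
if (-not $hostView) { throw "Host '$VMHostName' was not found in this vCenter." }

# The article's NOTE: the host must not be in Maintenance Mode.
if ($hostView.Runtime.InMaintenanceMode) {
    throw "$VMHostName is in Maintenance Mode; exit Maintenance Mode before rekeying."
}

# Record which provider the host currently references (the old one, if stale).
$before = $hostView.Runtime
"Before: cryptoState=$($before.CryptoState) provider=$($before.CryptoKeyId.ProviderId.Id)"

# Build the keyId argument: provider name set, key ID left empty (assumption,
# mirroring the single value the article says to enter in the MOB form).
$keyId               = New-Object VMware.Vim.CryptoKeyId
$keyId.KeyId         = ''
$keyId.ProviderId    = New-Object VMware.Vim.KeyProviderId
$keyId.ProviderId.Id = $KeyProviderName

# Steps 2 and 3: invoke ConfigureCryptoKey on the host.
$hostView.ConfigureCryptoKey($keyId)

# Step 4, read back through the API: the host should now reference the new provider.
$hostView.UpdateViewData('Runtime')
$after = $hostView.Runtime
"After:  cryptoState=$($after.CryptoState) provider=$($after.CryptoKeyId.ProviderId.Id)"

if ($after.CryptoKeyId.ProviderId.Id -ne $KeyProviderName) {
    Write-Warning "Host still references '$($after.CryptoKeyId.ProviderId.Id)'; check the provider name."
}
```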