How to change the Key Provider in use by vSAN to the vCenter Native Key Provider (NKP).
vSAN 8.x
vSAN 7.x
1. Deploy and configure the native key provider.
Configure a vSphere Native Key Provider
2. Make the Native key provider the default KMS.
Set the Default Key Provider Using the vSphere Client
3. Change the KMS in use by vSAN from the External KMS to the Native Key Provider (NKP). Under cluster > configure > vSAN services
Changing the KMS will perform a shallow rekey operation, NOT a deep rekey operation. As long as the "Wipe residual data" option is not checked this operation will not impact data availability.