Changing from Standard Key Provider to Native Key Provider in Virtual Center
search cancel

Changing from Standard Key Provider to Native Key Provider in Virtual Center

book

Article ID: 393083

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

  • Currently using Standard Key Provider (KMS)
  • Want to switch to Native Key Provider

Environment

  • vCenter 7.x
  • vCenter 8.x

Resolution

In order to switch providers you first need to create the new key provider in vCenter.

  1. Configure a vSphere Native Key Provider
  2. Set the new provider as default.
  3. If needed, set the cluster to use default or new key provider
    1. Click on the cluster name.
    2. Click on Configure > under Configuration > Key Providers
    3. Verify the Key provider is set to use default.  If it is not, click Edit and then change the key provider to the new key provider name.

After the key provider is setup, re-encrypt the VMs.

  1. In cluster, click on VMs
  2. Select one or all VMs that need to be re-encrypted
  3. Right click on the VM(s) and choose  VM Policies > Re-Encrypt.

Once the re-encrypt process completes for all VMs, the old key provider can be removed.

Additional Information

Powered by Wolken Software