Error when trying to migrate an encrypted vm – "A General runtime error occurred. Key provider XXX-XXX-1 not found."
search cancel

Error when trying to migrate an encrypted vm – "A General runtime error occurred. Key provider XXX-XXX-1 not found."

book

Article ID: 404554

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

After upgrading hosts to  ESXi version 8.0 U3f, they tried to migrate encrypted vms and they failed.

Environment

Upgrading host from ESXi version 8.0 u3d

Cause

When configuring migration it failed at Compatibility with "A General runtime error occurred. Key provider XXX-XXX-1 not found."

When looking at the VM Summary page you see "Encrypted", it is missing the native key provider.

 

Resolution

In reviewing vSphere 8 documentation, under Rekey an Encrypted Virtual Machine Using the vSphere Client

https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/vsphere-security-8-0/use-encryption-in-your-vsphere-environment/rekey-an-encrypted-virtual-machine-using-the-vsphere-client.html

  • Log in to the vCenter Server system with the vSphere Client.
  • Browse the inventory list and select the encrypted virtual machine.
  • Right-click the encrypted virtual machine and select VM Policies.                                                     
  • Select Re-encrypt. 
  • Click Yes.
    The encrypted virtual machine is rekeyed with the new KEK.
     
  • After doing the above if you look at the vm Summary you will now see that Encryption has changed from "Encrypted" to "Encrypted with native key provider: XXX-XXXX

       

    Powered by Wolken Software