• There are stale KMS entries visible in vCenter Server KMS Provider page located at "vCenter Server -> Configure -> Security -> Key Provider".
• The amount of encrypted OrgVDC in Cloud Director does not match the amount of Key Providers visible in vCenter Server.
• KMS server receives requests that come from old keys.

VMware Cloud Director Encryption Management 1.2.1

VMware Cloud Director 10.6.1

This issue occurs when Key Providers are not removed from vCenter Server after an OrgVDC has been unencrypted using VMware Cloud Director Encryption Management.

Please open a case with Broadcom Support for review. For more information, see Creating and managing Broadcom support cases