After vCenter Server upgrade from version 8u3e to 8u3h, the Native Key Provider is not active and shows a warning.

VMware vCenter Server 8.0.x

Some of the ESXI hosts are disconnected and cannot be reconnected.

In the var/log/vmware/vpxd/vpxd.log on vCenter Server:

[timestamp] error vpxd[09662] [Originator@6876 sub=CryptoManager opID=xxxxxxxx-cxxx-xxxx-xxx9-xxxxxxxxxxxx-xx] [VapiEsxJwtAuthenticationUpdater] Failed to get XXX token. Error:

--> Error:

-->    com.vmware.vapi.std.errors.unauthenticated

--> No messages!

1. SSH to the vCenter Server with root credentials
2. Identify the affected hosts by running the following command: journalctl -b | grep "HostSyncFailedEvent.*Cannot complete login due to an incorrect" | awk '{print $(NF-11)}' | sort | uniq
3. Log into each affected host UI and disable lockdown mode if it is enabled
4. In the vCenter Server UI, disconnect and reconnect the affected ESXi host using the root credentials
5. Verify that the Native Key Recovery is active.

Reference KB article:

https://knowledge.broadcom.com/external/article/318563/the-vpxd-service-crashes-when-its-unable.html