The [Encrypt VM] toggle switch displays a red prohibited mark. The toggle switch is grayed out and cannot be operated.

VMware vCenter Server 8.0

The vSphere Client disables the [Encrypt VM] toggle if no active Key Provider is configured in vCenter Server.

To enable the toggle switch, you must configure a Key Provider in vCenter Server. For steps to configure a vSphere Native Key Provider, refer to this document: Configure a vSphere Native Key Provider

If the toggle switch is entirely missing (not just grayed out), verify that the user's role has the necessary privileges for cryptographic operations and storage policies. See the related KB: The Encryption toggle switch is missing in the vSphere Client