Information regarding the supportability and potential impact of disabling Federal Information Processing Standards (FIPS) on a vSphere Supervisor.

VMware vSphere Kubernetes Service

• Disabling FIPS on a vSphere Supervisor is not natively supported. No API or recommended method exists for this operation. The impact of disabling FIPS at the guest OS layer of the Supervisor VMs is completely untested.
  
  
• The vSphere Supervisor and vCenter Server communicate over TLS. As long as a compatible set of ciphers can be negotiated between the client and server, communication will succeed. Neither the client nor the server verifies the other's FIPS compliance. FIPS enforcement does not extend beyond the boundary of a single machine unless an explicitly incompatible algorithm (such as MD5) is required, which a FIPS-enabled machine will reject.
  
  
• To request official support for disabling FIPS in the vSphere Supervisor, a feature request must be submitted. For instructions on how to submit a request for new functionality, see Submit a VMware by Broadcom feature request.

• For instructions on enabling and disabling FIPS in vCenter Server, see Enable and Disable FIPS on the vCenter Server Appliance.

• For instructions on enabling and disabling FIPS in the Guest Cluster, see OSConfiguration.