VMware vSAN 7.0U1 and higher

Q: What does the 'Data-in-transit encryption Health – Configuration check' check do?

This health check will check if data-in-transit encryption is configured properly for the cluster. It only performs this health check when data-in-transit encryption is enabled on the cluster.

Q: What does it mean if it shows an error state?

When data-in-transit encryption is enabled on a cluster, all hosts are required to have data-in-transit encryption enabled and return normal states to the health check, as well as have consistent rekey intervals with the current cluster setting. Otherwise, the network traffic in this cluster may not be properly encrypted. If this health check fails, it means that not all hosts have a configuration that is consistent with the cluster-level data-in-transit encryption configuration. Details of the specific issue(s) triggering the health alert will be displayed in the result table of this health check.

Q: How to fix the error state?

Follow the instructions in the Recommendation column.

vSAN 健全性サービス - 転送中データの暗号化の健全性 – 構成チェック