Encryption key rotation without PowerCLI 12.3.0

Article ID: 320075

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

Symptoms:
Encryption keys for vSphere native key providers cannot be rotated without PowerCLI 12.3.0.

Environment

VMware vSphere 7.0.x

Resolution

To resolve this issue, upgrade to PowerCLI 12.3.0 and use the Set-KeyProvider cmdlet to rotate keys.

Note: PowerCLI 12.3.0 will support rotating keys when using vSphere native key providers.

Workaround:
To work around this issue:
  1. Create a new vSphere native key provider.
  2. Re-key any encrypted VMs that use the old key provider to the new key provider, using the vSphere Client or the Set-VM PowerCLI cmdlet:
    Set-VM -VM <vm> -KeyProvider <new-keyprovider>
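
The workaround applied to every affected VM, with a check afterwards that nothing still depends on the old key provider. This is an added example, not code from the original article. It assumes an existing Connect-VIServer session, that the key provider ID reported by the vSphere API matches the key provider name, and the placeholder names `old-nkp` and `new-nkp`.

```powershell
# Added example; provider names are hypothetical placeholders.
param(
    [string]$OldProviderName = 'old-nkp',   # provider being retired
    [string]$NewProviderName = 'new-nkp'    # provider created in step 1
)

# Fail early if the new provider is missing.
$newProvider = Get-KeyProvider -Name $NewProviderName -ErrorAction Stop

# Returns the key provider ID protecting a VM's home files, or $null if the
# VM is not encrypted. Assumption: this ID equals the key provider name.
function Get-VmKeyProviderId($Vm) {
    $keyId = $Vm.ExtensionData.Config.KeyId
    if ($keyId -and $keyId.ProviderId) { $keyId.ProviderId.Id } else { $null }
}

# Inventory: encrypted VMs whose key comes from the old provider.
$targets = @(Get-VM | Where-Object { (Get-VmKeyProviderId $_) -eq $OldProviderName })
Write-Host "VMs to re-key: $($targets.Count)"

$failed = @()
foreach ($vm in $targets) {
    try {
        # Step 2 of the workaround, per VM.
        Set-VM -VM $vm -KeyProvider $newProvider -Confirm:$false -ErrorAction Stop | Out-Null
        Write-Host "Re-keyed $($vm.Name)"
    }
    catch {
        $failed += $vm.Name
        Write-Warning "Re-key failed for $($vm.Name): $($_.Exception.Message)"
    }
}

# Verification: re-read inventory rather than trusting the objects above.
# Note: this checks the VM home key only, not each virtual disk.
$remaining = @(Get-VM | Where-Object { (Get-VmKeyProviderId $_) -eq $OldProviderName })
if ($remaining.Count -gt 0 -or $failed.Count -gt 0) {
    Write-Warning "Still on '$OldProviderName': $($remaining.Name -join ', ')"
    Write-Warning "Keep the old key provider until this list is empty."
}
else {
    Write-Host "No VMs reference '$OldProviderName' any longer."
}
```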