Key revocation is the process of invalidating a key and keep it from being used. Revocation is typically triggered when one or more keys becomes untrusted for some reason, for example, a data breach. Revocation stops the use of the key and initiates a request for a new key from the DNE Key Manager. Revocation affects traffic, as some packets could be dropped while hosts await the new key.


  1. From your browser, log in to an NSX Manager at https://nsx-manager-ip-address.
  2. Select Encryption from the navigation panel.
  3. Click the Keys tab if it is not already selected.
  4. Select the policy that you want to revoke.
  5. Click Actions and select Revoke.
  6. Click OK.