Some KMS vendors such as HyTrust require that you upload the KMS server certificate and private key to the vCenter Server system.
Some KMS vendors generate a certificate and private key for the connection and make them available to you. After you upload the files, the KMS trusts your vCenter Server instance.
- Request a certificate and private key from the KMS vendor. The files are X509 files in PEM format.
- Navigate to the vCenter Server.
- Click Configure and select Key Management Servers.
- Select the KMS instance with which you want to establish a trusted connection.
- Select Upload certificate and private key and click OK.
- Paste the certificate that you received from the KMS vendor into the top text box or click Upload File to upload the certificate file.
- Paste the key file into the bottom text box or click Upload File to upload the key file.
- Click OK.
What to do next
Finalize the trust relationship. See Complete the Trust Setup.