Some KMS vendors such as HyTrust require that you upload the KMS server certificate and private key to the vCenter Server system.

Some KMS vendors generate a certificate and private key for the connection and make them available to you. After you upload the files, the KMS trusts your vCenter Server instance.

Prerequisites

  • Request a certificate and private key from the KMS vendor. The files are X509 files in PEM format.

Procedure

  1. Navigate to the vCenter Server.
  2. Click Configure and select Key Management Servers.
  3. Select the KMS instance with which you want to establish a trusted connection.
  4. Select Upload certificate and private key and click OK.
  5. Paste the certificate that you received from the KMS vendor into the top text box or click Upload File to upload the certificate file.
  6. Paste the key file into the bottom text box or click Upload File to upload the key file.
  7. Click OK.

What to do next

Finalize the trust relationship. See Complete the Trust Setup.