Using a standard key provider in your vSphere environment requires some preparation. After your environment is set up, you can create encrypted virtual machines and virtual disks and encrypt existing virtual machines and disks.
After your environment is set up for a standard key provider, you can use the vSphere Client to create encrypted virtual machines and virtual disks and encrypt existing virtual machines and disks. See Use Encryption in Your vSphere Environment.
You can perform additional tasks by using the API and by using the crypto-util CLI. See the vSphere Web Services SDK Programming Guide for the API documentation and the crypto-util command-line help for details about that tool.