If vCenter Server detects a critical error with virtual machine encryption, it creates an event. You can view these events to help troubleshoot and resolve encryption errors.

vCenter Server creates events for the following virtual machine encryption critical errors.

  • Failure to generate a KEK.
  • Insufficient disk space on the datastore to create an encrypted virtual machine.
  • Insufficient user privilege to initiate encryption operation.
  • The specified key is missing on the KMS cluster and so the ESXi host key is renewed with a new key.
  • An error occurred on the KMS cluster with the specified key and so the ESXi host key is renewed with a new key.