Starting in vSphere 7.0 Update 2, you can enable FIPS-validated cryptography on the vCenter Server Appliance.

FIPS 140-2 is a U.S. and Canadian government standard that specifies security requirements for cryptographic modules. vSphere uses FIPS-validated cryptographic modules to match those specified by the FIPS 140-2 standard. The goal of vSphere FIPS support is to ease the compliance and security activities in various regulated environments.

Starting in vSphere 6.7, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).

vSphere 7.0 Update 2 adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled.

Note: vSphere favors compatibility over FIPS, so some components have considerations to be aware of. See Considerations When Using FIPS.