You can configure the trusted key provider by using the vSphere Client.
Prerequisites
- Enable the Trust Authority Administrator.
- Enable the Trust Authority State.
- Collect Information About ESXi Hosts and vCenter Server to Be Trusted.
- Import the Trusted Host Information to the Trust Authority Cluster.
- Create the Key Provider on the Trust Authority Cluster.
- Export the Trust Authority Cluster Information.
- Import the Trust Authority Cluster Information to the Trusted Hosts.
Procedure
Results
ESXi Trusted Hosts can now perform cryptographic operations, such as creating encrypted virtual machines.
What to do next
Encrypting a virtual machine with a trusted key provider looks the same as the virtual machine encryption user experience that was first delivered in vSphere 6.5. See Using Encryption in Your vSphere Environment.