Use the Upload Certificate and Private Key Option to Establish a Standard Key Provider Trusted Connection

Some Key Management Server (KMS) vendors require that you upload the KMS server certificate and private key to the
vCenter Server
system.
  • Request a certificate and private key from the KMS vendor. The files are X509 files in PEM format.
Some KMS vendors generate a certificate and private key for the connection and make them available to you. After you upload the files, the KMS trusts your
vCenter Server
instance.
  1. Navigate to the
    vCenter Server
    .
  2. Click
    Configure
    and select
    Key Management Servers
    .
  3. Select the KMS instance with which you want to establish a trusted connection.
  4. From the
    Establish Trust
    drop-down menu, select
    Make KMS trust vCenter
    .
  5. Select
    KMS certificate and private key
    and click
    Next
    .
  6. Paste the certificate that you received from the KMS vendor into the top text box or click
    Upload a File
    to upload the certificate file.
  7. Paste the key file into the bottom text box or click
    Upload a File
    to upload the key file.
  8. Click
    Establish Trust
    .
Finalize the trust relationship. See Finish the Trust Setup for a Standard Key Provider.