Introduction

This guide describes the integration of the Entrust KeyControl KMIP Vault Key Management Solution (KMS) with VMware encryptions solutions, vSAN, and VM encryption. Entrust KeyControl KMIP Vault can serve as a KMS in vCenter using the Key Management Interoperability Protocol (KMIP) open standard.

Documents to read first

This guide describes how to configure the Entrust KeyControl KMIP Vault as a KMS in vCenter.

To install and configure the Entrust KeyControl KMIP Vault as a KMIP server, see the following documents:

Entrust KeyControl Vault nShield HSM Integration Guide. You can access it from the Entrust Document Library and from the nShield Product Documentation website.
KeyControl Vault with VSAN and VMware vSphere VM Encryption.

Also refer to the following documents in the VMware online documentation:

Using Encryption in a vSAN Cluster.
Virtual Machine Encryption.

Product configuration

Product	Version
VMware vSphere	7.0, 8.0
KeyControl Vault	10.4.1

Product

Version

VMware vSphere

7.0, 8.0

KeyControl Vault

10.4.1

Requirements

Entrust recommends that you allow only unprivileged connections unless you are performing administrative tasks.