TOP VCF technology

VMware Cloud Foundation

ESXi vCenter VCF vSphere

Useful command for KMS vCenter for ESXi hosts

By Kader #Encryption, #esx, #key provider, #kms, #nkp, #secure boot, #tpm esxi 
#Verify that the ESXi host is in TPM mode
esxcli system settings encryption get

#If the Mode appears as NONE, you must enable the TPM in the firmware of the host, and set the mode
esxcli system settings encryption set --mode=TPM

#Enable secure boot in the firmware of the host then run this command
esxcli system settings encryption set --require-secure-boot=T

#To enable key persistence (if reboot esxi host and kms is not available) 
esxcli system security keypersistence enable

#To save the setting
/sbin/auto-backup.sh

#Secure ESXi Configuration Recovery Key
esxcli system settings encryption recovery list

#To disable persistence
esxcli system security keypersistence disable --remove-all-stored-keys

By Kader

Related Post

VCF

unlock accounts on SDDC manager cli on VMware Cloud Foundation 5.2 AND older

Kader
Certification ESXi Scripts

ESXi certificate update for vmware cloud foundation the CLI way

Kader
ESXi Scripts vCenter

ESXi powercli script – testing flapping nic with vmnic1 interface up and down every 30 seconds in a loop

Kader

You Missed

VCF

unlock accounts on SDDC manager cli on VMware Cloud Foundation 5.2 AND older

Certification ESXi Scripts

ESXi certificate update for vmware cloud foundation the CLI way

ESXi Scripts vCenter

ESXi powercli script – testing flapping nic with vmnic1 interface up and down every 30 seconds in a loop

VCF vRealize / Aria Products

Deploy VMware Aria suite lifecycle with VMware Cloud Foundation