5 Replies Latest reply on Jun 9, 2020 4:43 PM by mithrandir1030

    Key cache of vSAN encryption

    mithrandir1030 Novice

      I understand host holds KEK and Host key in its key cache in memory.

      I would like to ask if there is a way to check the key itself in key cache?

       

      Background:

      I am doing this evaluation that adding a host into encryption enabled vSAN cluster.

      I know that if I don't restart this host, the host will not request key from KMS.

      So I'd like to check if the key is really not in key cache. Then restart the host and see if the key is in key cache.