Nutanix AOS supports data at rest encryption for past several years. On early
To have a fully supported encryption feature, Nutanix AOS have to have access to the Key Management System. The solution supports external KMS or internal (software based) LKMS integrated with Prism. If you would like to read more about Nutanix native key management system, read one of my previous blog posts.
Default port which is used by Nutanix AOS to connect to Key Management System is 5696. However, you can modify configuration to use different port. It is available from ncli command line.
The command line syntax is: key-management-server get name=<KMS_NAME>
to get details about existing KMS configuration
To update KMS configuration (in this case, port number), use key-management-server update address-list IP_Address
:port
_number
$: key-management-server get name=SKLM
Server Name : SKLM
Server UUID : 57bf-42b5-8dc6-fbb04538abf2
Active : yes
Address : 192.168.56.26
Port : 5696
Address : 192.168.56.27
Port : 5696