The ESE at-rest encryption feature takes advantage of OpenSSL's ability to use hardware AES acceleration ("AES-NI"), if available. However, this means that if AES-NI is not available, a software fallback will be used which will likely have noticably large impact on performance. Therefore, if the server is started with ESE at-rest encryption enabled, and the CPU lacks support for AES-NI instructions, then the server should alert the user with a startup warning.

Unfortunately checking CPU capabilities may require platform specific code. OpenSSL may have an abstraction that can do this, and return if AES-NI will be used. Otherwise, this will need to be checked manually, eg. checking /proc/cpuinfo on Linux.