no, you can still provide your own secrets encryption config as covered in the Kubernetes docs, but the rke2's automatic management of the configuration via the secrets-encrypt command only supports the aescbc provider. If you provide your own configuration that uses a different provider, rke2 cannot manage it for you.