ZFS encrypted boot installation: no password prompt

I wish I’d taken notes of how I finally got it working, it was a while ago now!

I believe that the following statement in the wiki article was key to my success…

Note that at the moment one can only use passphrases ( keylocation=prompt ) for pools that are mounted as the root fs.

So ideally, when you create the second encrypted zhome pool with zpool, you should specify keylocation as a file that is created at the root of the zroot pool that does use the passphrase prompt on boot.

If I remember correctly, I did it wrong at first, using keylocation=prompt, but later fixed it because zroot was ok, I just got messages that zhome couldn’t be mounted. I then created my /zhome.key file, manually mounted the zhome pool and used zfs change-key ... to fix it up, once I’d read that above phrase a million times!

So, maybe something like this is better after creating and mounting zroot on /mnt and creating the key file?

# keylocation has to be a file:// URI, not a bare path; during setup the key file is at /mnt/zhome.key from the live system's point of view
zpool create -o ashift=12 -o altroot="/mnt/home" -O mountpoint=none -O encryption=aes-256-gcm -O keyformat=passphrase -O keylocation=file:///mnt/zhome.key zhome /dev/disk/by-uuid/SOMETHING
# afterwards point it at the path the installed system will see
zfs set keylocation=file:///zhome.key zhome

My zhome.key file in / (a.k.a. /mnt/zhome.key during setup) is just a plain file that simply contains the passphrase (password) that I was asked for when I initially screwed things up.

Hope that helps.
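As an added example (not code from the original post), here is the procedure described above as a small POSIX shell script: write the key file with root-only permissions, either create the second pool reading its passphrase from that file, or repair a pool that was created with keylocation=prompt by loading its key once interactively and then switching it to the file with zfs change-key. It assumes the names from the post (zroot mounted on /mnt, pool zhome, key file /zhome.key), that zhome is already imported when repairing, and that the commands run from the live install environment rather than a chroot, which is why the key is first wrapped from /mnt/zhome.key and only then pointed at /zhome.key. The script name and DRY_RUN/DEVICE variables are my own; DRY_RUN=1 prints the commands instead of running them.

```shell
#!/bin/sh
# Added example, not code from the original post: create or repair a second
# encrypted pool so that it reads its passphrase from a key file on the root
# pool instead of using keylocation=prompt. Names, paths and the assumption
# that the pool is already imported are mine; DRY_RUN=1 only prints commands.
set -eu

ROOT=${ROOT:-/mnt}               # where the new root fs is mounted during install (assumed)
POOL=${POOL:-zhome}              # the second encrypted pool (assumed, as in the post)
KEYFILE=${KEYFILE:-/zhome.key}   # key path as the *installed* system will see it (assumed)
DEVICE=${DEVICE:-}               # disk for the pool, e.g. /dev/disk/by-uuid/<uuid>; no default
DRY_RUN=${DRY_RUN:-0}

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# zfs rejects a bare path: keylocation must be 'prompt' or a file:// URI.
keylocation_uri() {
    case $1 in
        prompt|file:///*) printf '%s\n' "$1" ;;
        /*)               printf 'file://%s\n' "$1" ;;
        *) echo "keylocation must be 'prompt' or an absolute path: $1" >&2; return 1 ;;
    esac
}

# Write the passphrase to the key file, readable by root only. No trailing
# newline is written, so the file content is exactly the passphrase.
write_keyfile() {
    passphrase=$1
    path=$2
    if [ "$DRY_RUN" = 1 ]; then printf 'write %s (mode 0600)\n' "$path"; return 0; fi
    ( umask 077; printf '%s' "$passphrase" > "$path" )
    chmod 0600 "$path"
}

# Point the pool at the key file. change-key reads the new key material from
# the new keylocation, and during install the file is at $ROOT$KEYFILE from
# the live system's point of view; so wrap from that path first, then switch
# the property to the path the installed system will use. The pool's key must
# already be loaded for change-key.
point_at_keyfile() {
    run zfs change-key -o keylocation="$(keylocation_uri "$ROOT$KEYFILE")" "$POOL"
    run zfs set keylocation="$(keylocation_uri "$KEYFILE")" "$POOL"
}

# Fresh install: create the second pool (same options as the post's command)
# reading its passphrase from the key file.
create_pool() {
    [ -n "$DEVICE" ] || { echo "set DEVICE to the disk for $POOL" >&2; return 1; }
    run zpool create -o ashift=12 -o altroot="$ROOT/home" \
        -O mountpoint=none -O encryption=aes-256-gcm -O keyformat=passphrase \
        -O keylocation="$(keylocation_uri "$ROOT$KEYFILE")" "$POOL" "$DEVICE"
    run zfs set keylocation="$(keylocation_uri "$KEYFILE")" "$POOL"
}

# Repair: the pool was created with keylocation=prompt and is imported but its
# key is not loaded (zroot booted fine, zhome could not be mounted). Load the
# key interactively once, then switch it to the file.
switch_to_keyfile() {
    run zfs load-key -L prompt "$POOL"
    point_at_keyfile
    run zfs get -H -o value keylocation,keystatus "$POOL"
}

case ${1:-} in
    create) create_pool ;;
    fixup)  switch_to_keyfile ;;
    *) : ;;   # no argument: only define the functions (e.g. when sourced)
esac
```

Saved as, say, zhome-key.sh (a name of my choosing), `DRY_RUN=1 sh zhome-key.sh fixup` shows the exact zfs commands the repair would run, and `DEVICE=/dev/disk/by-uuid/<uuid> sh zhome-key.sh create` creates the pool; call write_keyfile first with the passphrase and /mnt/zhome.key. Keep the key file at mode 0600 on the root pool only: anyone who can read it can unlock zhome.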