search cancel

Endpoint Encryption is unable to encrypt HP EliteDesk 800 G3 desktops in UEFI mode


Article ID: 173068


Updated On:


Endpoint Encryption


Endpoint Encryption 11.x client installs on HP EliteDesk 800 G3 desktops with Windows 10 running in UEFI mode.

Encryption should start automatically, but unable to do so after a reboot.


  • HP EliteDesk 800 G3 desktop
  • Endpoint Encryption 11.1.x or 11.2.x client
  • Windows 10 (seen on 1803, although could apply to other versions) with UEFI mode enabled


On UEFI systems, a system partition exists named EFI, which is set to 100MB. Endpoint Encryption stores pre-boot information in EFI. The default HP Windows image includes an "HP" folder that consumes a majority of this space, which prevents Endpoint Encryption from writing the required files for encryption to work.


The EFI\HP folder can be deleted, which will allow enough space for Endpoint Encryption to write the necessary files. Alternatively, reinstalling Windows and deleting the partitions can also free up space. Be advised that doing either of these will remove the ability to use HP's recovery tools.

Advanced users can also manually alter the partition schema and expand the EFI partition from 100MB to 200MB, however, this should be addressed with HP for assistance.