This KB article describes the process for creating a Virtual Machine with a Virtual Trusted Platform Module. A TPM or vTPM is required for some OS installations, like Windows 11 for example.

For more information about

• Windows 11 System Requirements, see Find Windows 11 specs, features, and computer requirements.
• Windows 11 Support on vSphere, see Windows 11 Support on vSphere | VMware
  
  Symptoms:
  This is an informational document.
  
  

VMware vSphere ESXi 8.x

VMware vSphere ESXi 7.x

VMware vSphere ESXi 6.7

Meet the requirements to deploy a Windows 11 VM equipped with vTPM.

1. Ensure on ESXi host that TPM Module is enabled. 

2. Meet the requirement to deploy Windows 11 VM:

Processor: 1 gigahertz (GHz) or faster with two or more cores on a compatible 64-bit processor or system on a chip (SoC).
Memory: 4 gigabytes (GB) or greater.
Storage: 64 GB or greater available disk space. 
Graphics card: Compatible with DirectX 12 or later, with a WDDM 2.0 driver.
System firmware: UEFI, Secure Boot capable.
TPM: Trusted Platform Module (TPM) version 2.0.
Display: High definition (720p) display, 9" or greater monitor, 8 bits per color channel.

The process for creating a VM with a vTPM is very similar to the standard VM creation process, with the added requirement of having a Key Provider configured and adding a vTPM device to the VM.

Connect to vCenter Server by using the vSphere Client, configure a Key Provider in your vSphere environment.

• For vSphere 6.7, please refer to this doc: Add a KMS to vCenter Server in the vSphere Client 
• For vSphere 7.0, refer to this doc: Add a Standard Key Provider Using the vSphere Client
• For vSphere 7.0 U2 and later, besides above Standard Key Provider option, there is vSphere Native Key Provider, refer to this doc: Configure a vSphere Native Key Provider
• For vSphere 8.0, refer to this doc: Add a Standard Key Provider Using the vSphere Client

To create the vTPM equipped VM: 

1. Select an object in the inventory that is a valid parent object of a virtual machine, for example, an ESXi host or a cluster.
2. Right-click the object, select New Virtual Machine, and follow the prompts to create a virtual machine.
3. At Customize hardware step, click VM Options tab, under Boot Options, make sure the Firmware is set to EFI.
4. Go back to Virtual Hardware tab, click ADD NEW DEVICE and select Trusted Platform Module.
5. Click Next, Finish to complete the virtual machine creation.

To verify that the vTPM has been added to the new VM:

• Right-click the new created virtual machine, select Edit Settings, you can see Trusted Platform Module is present under Security Devices.

Japanese: 仮想 Trusted Platform Module (vTPM) デバイスを使用する新しい仮想マシンの作成