This KB article describes the process for creating a Virtual Machine with a Virtual Trusted Platform Module. A TPM or vTPM is required for some OS installations, like Windows 11 for example.

For more information about

• Windows 11 System Requirements, see Find Windows 11 specs, features, and computer requirements.
• Windows 11 Support on vSphere, see Windows 11 Support on vSphere | VMware
  
  Symptoms:
  This is an informational document.
  
  

VMware vSphere ESXi 8.x

VMware vSphere ESXi 7.x

VMware vSphere ESXi 6.7

The process for creating a VM with a vTPM is very similar to the standard VM creation process, with the added requirement of having a Key Provider configured and adding a vTPM device to the VM.

Connect to vCenter Server by using the vSphere Client, configure a Key Provider in your vSphere environment.

• For vSphere 6.7, please refer to this doc: Add a KMS to vCenter Server in the vSphere Client 
• For vSphere 7.0, refer to this doc: Add a Standard Key Provider Using the vSphere Client
• For vSphere 7.0 U2 and later, besides above Standard Key Provider option, there is vSphere Native Key Provider, refer to this doc: Configure a vSphere Native Key Provider  

To create the vTPM equipped VM: 

1. Select an object in the inventory that is a valid parent object of a virtual machine, for example, an ESXi host or a cluster.
2. Right-click the object, select New Virtual Machine, and follow the prompts to create a virtual machine.
3. At Customize hardware step, click VM Options tab, under Boot Options, make sure the Firmware is set to EFI.
4. Go back to Virtual Hardware tab, click ADD NEW DEVICE and select Trusted Platform Module.
5. Click Next, Finish to complete the virtual machine creation.

To verify that the vTPM has been added to the new VM:

• Right-click the new created virtual machine, select Edit Settings, you can see Trusted Platform Module is present under Security Devices.

Japanese: 仮想 Trusted Platform Module (vTPM) デバイスを使用する新しい仮想マシンの作成