TPM attestation alarm is raised with ESX 7.0 Update 3 TPM-enabled host connected to a Virtual Center of lower 7.x version.


Article ID: 340407

Products

VMware vCenter Server
VMware vSphere ESXi

Issue/Introduction

This article explains the issue to address usability concerns customers may have, and provides guidance on implementing the workaround.

Symptoms:

  1. A TPM-enabled host running ESX 7.0 Update 3 is connected to a vSphere Virtual Center of a lower version (7.0 GA, Update 1 or Update 2).
  2. In VC Client, the Summary tab for the host shows a red banner with "Host TPM attestation alarm".
  3. In VC Client, the Security view shows failed tasks with an "Internal failure" error.


Environment

VMware vSphere ESXi 7.0.3
VMware vCenter Server 7.0.x

Cause

Starting with the vSphere 7.0 U3 release, ESXi content is signed with an ECC (elliptic curve cryptography) based key in addition to the legacy signing with RSA keys. Older (pre-7.0U3) vSphere Virtual Center versions cannot interpret this key.

Resolution

VMware intends to include the resolution for this issue in one of the upcoming patch releases.

Workaround:

The options below can be implemented as a workaround.
Either implement both options, or implement only option 1 if a vCenter upgrade is not possible at the moment.

  1. Acknowledge/Reset to green the alarm on the Summary page of the vSphere VC Client.
  2. Upgrade vSphere Virtual Center to the vSphere 7.0 Update 3 version.