"Receiving general runtime error message. Native key provider is not compatible with host" error when creating a Windows 11 VM.

Article ID: 382042

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • When creating a Windows 11 VM, you receive the following error: 
Receiving general runtime error message.  Native key provider is not compatible with host

 

 

Environment

  • vCenter Server 8.0.X
  • vCenter Server 7.0.X

Cause

  • If you leave the default "Use key provider only with TPM protected ESXi hosts" option selected when setting up the Native Key Provider, but the hardware TPM is not enabled in the BIOS, hosts without TPMs will not participate in the Native Key Provider. Cryptographic operations attempted on a virtual machine on those hosts then fail.

Resolution

  • To resolve this issue: 

    • Check that a TPM is available and enabled in the BIOS. If the TPM is available but disabled, turn it on.
    • If you do not have a hardware TPM, you will have to recreate the Native Key Provider and uncheck the box "Use key provider only with TPM protected ESXi hosts" during setup.
    • If you have previously created a VM with vTPM, do the following:

      Take a snapshot of the vCenter
      Make a backup of the Native Key Provider instance with the exact same name
      Delete the instance
      Restore it from the backup, but do not check the "Use key provider only with TPM protected ESXi hosts" box this time
      Note: As we are restoring the exact same NKP with the same keys, the VMs already created with vTPM will continue to work.
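
To find the affected hosts before deciding between enabling the TPM and recreating the provider, the script below (an added example, not part of the original article or of VMware's tooling) reads per-host output of `esxcli hardware trustedboot get` and lists the hosts on which ESXi sees no TPM. The `## host <name>` marker lines, the host names and the sample capture are constructed for illustration, and reading `Tpm Present: true` as "TPM available and enabled" is an assumption.

```shell
#!/bin/sh
# Added example: list ESXi hosts that a TPM-only Native Key Provider would exclude.
# stdin: per host, a constructed marker line "## host <name>" followed by that
# host's `esxcli hardware trustedboot get` output.

# Print "<name> <tpm|no-tpm|unknown>" for every host in the capture.
tpm_state_by_host() {
    awk '
        function emit() { if (host != "") print host, (state == "" ? "unknown" : state) }
        { sub(/\r$/, "") }                      # tolerate CRLF from SSH captures
        /^## host / { emit(); host = $3; state = ""; next }
        /^[ \t]*Tpm Present:/ { state = (tolower($NF) == "true") ? "tpm" : "no-tpm" }
        END { emit() }
    '
}

# $1 = yes|no: is "Use key provider only with TPM protected ESXi hosts" selected?
# Prints hosts to fix (enable the TPM) or re-check (state could not be read).
excluded_hosts() {
    if [ "$1" != "yes" ]; then
        cat >/dev/null      # option off: TPM state excludes no host
        return 0
    fi
    tpm_state_by_host | awk '$2 != "tpm" { print $1 }'
}

# Constructed sample capture for three hypothetical hosts.
sample_capture() {
    cat <<'EOF'
## host esx01.example.test
   Drtm Enabled: false
   Tpm Present: true
## host esx02.example.test
   Drtm Enabled: false
   Tpm Present: false
## host esx03.example.test
EOF
}

if [ "${1:-}" = "--demo" ]; then
    echo "Hosts excluded by a TPM-only key provider:"
    sample_capture | excluded_hosts yes
fi
```

A host reported as `unknown` (no `Tpm Present` line captured) is listed alongside the `no-tpm` hosts so that a failed collection is rechecked rather than silently treated as compliant.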

       

Additional Information

For more information, see: vSphere Native Key Provider (NKP) Questions & Answers 

For information on deploying the native key provider see: Configuring and Managing vSphere Native Key Provider