Enabling secure boot on ESXi host fails with error "Unable to change the encryption mode and policy. Verify that the current host configuration can satisfy the new requirement"
Article ID: 396071


Products

VMware vSphere ESXi, VMware vSphere ESXi 8.0

Issue/Introduction

  • Secure boot cannot be enabled on the ESXi host. Running the following command fails with the error "Unable to change the encryption mode and policy. Verify that the current host configuration can satisfy the new requirement":

# esxcli system settings encryption set --require-secure-boot=T

  • vmkernel.log contains the following entries:

[YYYY-MM-DDTHH:MM:SS] In(182) vmkernel: VMB_TPM: 81: No TPM2 table found. No TPM 2 device present.
[YYYY-MM-DDTHH:MM:SS] In(182) vmkernel: VMB_TPM: 237: Unable to determine TPM IO area base address.
[YYYY-MM-DDTHH:MM:SS] In(182) vmkernel: VMB_TPM: 187: Failed to initialize TPM.

[YYYY-MM-DDTHH:MM:SS] In(182) vmkernel: 0:00:00:06.021 cpu0:2097152)VMKAcpi: 63: TPM device present 0x430306603ab0 (PNP id PNXXXX1 found)

[YYYY-MM-DDTHH:MM:SS] Wa(180) vmkwarning: 0:00:00:06.030 cpu0:2097152)WARNING: VMKAcpi: 136: TPM 1.2 is no longer supported.
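A pre-check that triages a vmkernel.log for the TPM messages shown above, added here as an example and not taken from the article (the function names tpm_readiness and explain, the status words and the sample log are assumptions):

```shell
#!/bin/sh
# Added example, not part of the KB article: triage a vmkernel.log for the TPM
# messages the article lists before running
#   esxcli system settings encryption set --require-secure-boot=T
# Assumes POSIX sh with grep and mktemp (both available in the ESXi shell).

# tpm_readiness LOGFILE
#   prints one status word and returns: 0 tpm2-ok, 1 tpm2-missing,
#   2 tpm12-unsupported, 3 log unreadable
tpm_readiness() {
  log="$1"
  [ -r "$log" ] || { echo unreadable; return 3; }
  # The TPM 1.2 warning is the most specific signal, so test it first.
  if grep -q 'TPM 1.2 is no longer supported' "$log"; then
    echo tpm12-unsupported; return 2
  fi
  if grep -qE 'No TPM 2 device present|Failed to initialize TPM' "$log"; then
    echo tpm2-missing; return 1
  fi
  echo tpm2-ok; return 0
}

# explain STATUS: map a status word to the cause/resolution given in the article.
explain() {
  case "$1" in
    tpm12-unsupported) echo "TPM 1.2 present; vSphere 8.0+ needs TPM 2.0. Engage the OEM to upgrade the module." ;;
    tpm2-missing)      echo "No TPM 2.0 device initialized; --require-secure-boot cannot be satisfied." ;;
    tpm2-ok)           echo "No blocking TPM message found; the policy change may proceed." ;;
    *)                 echo "Log could not be read." ;;
  esac
}

# Constructed sample log mirroring the article's entries (placeholder timestamps).
write_sample_log() {
  cat > "$1" <<'EOF'
[YYYY-MM-DDTHH:MM:SS] In(182) vmkernel: VMB_TPM: 81: No TPM2 table found. No TPM 2 device present.
[YYYY-MM-DDTHH:MM:SS] In(182) vmkernel: VMB_TPM: 187: Failed to initialize TPM.
[YYYY-MM-DDTHH:MM:SS] Wa(180) vmkwarning: 0:00:00:06.030 cpu0:2097152)WARNING: VMKAcpi: 136: TPM 1.2 is no longer supported.
EOF
}

# Usage: sh tpm_precheck.sh [/var/log/vmkernel.log]; with no argument the
# constructed sample is analysed so the script runs anywhere.
main() {
  if [ -n "$1" ]; then log="$1"; else log=$(mktemp); write_sample_log "$log"; fi
  status=$(tpm_readiness "$log") || true
  echo "$log: $status"
  explain "$status"
}
main "$@"
```

On the host itself, `esxcli hardware trustedboot get` reports whether a TPM is present and serves as a cross-check against the log-based result.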

Environment

VMware vSphere ESXi 8.x

Cause

This issue occurs because no TPM 2.0 chip is installed in the ESXi host; the log shows only a TPM 1.2 device, which is no longer supported.

Resolution

  • Support for TPM 1.2 and TPM 1.1 and their associated features is deprecated and not supported in vSphere 8.0 and later. Refer to the VMware vSphere 8.0 Release Notes.

  • Engage the hardware OEMs to upgrade the Trusted Platform Module on all affected hosts to a supported TPM version (2.0 or higher).

Additional Information