When performing an in-place upgrade from Windows 10 to Windows 11 on virtual machines (VMs) hosted on VMware ESXi, the upgrade may fail due to Trusted Platform Module (TPM) compatibility issues. Windows 11 requires a TPM 2.0, which may not be configured by default in vSphere VMs, resulting in an error during the upgrade process.

The Windows 10 to Windows 11 upgrade fails because the virtual machine (VM) is missing a virtual Trusted Platform Module (vTPM), which is required for Windows 11. To use a vTPM in vSphere, you need a Key Management Server (KMS) or vSphere Native Key Provider set up, which may not be configured in your environment.

To resolve the TPM compatibility issue and enable the Windows 10 to Windows 11 in-place upgrade, configure a vSphere Native Key Provider on the vCenter Server and add a vTPM to the affected VMs. Follow these steps:

1. Prerequisites:

   • vTPM is supported in vSphere 7.0 Update 2 and later, see vSphere Native Key Provider Overview

   • Confirm the VM’s hardware version is 14 or higher (required for vTPM).

   • VM firmware is set to EFI.

2. Configure vSphere Native Key Provider:

   • Log in to the vSphere Client as an administrator.

   • Navigate to vCenter > Configure > Key Providers.

   • Add a Native Key Provider:

     • Select Add Native Key Provider.

     • Enter a name (e.g., NativeKeyProvider) and generate a key.

     • Back up the key as prompted (store securely).

   • For detailed instructions, refer to the VMware documentation: Configure a vSphere Native Key Provider.

3. Add a Virtual TPM to the VM: 

   • Edit VM setting

   • Click Add New Device > Trusted Platform Module.

   • Select the configured Native Key Provider and confirm.

   • Ensure the VM’s guest OS is set to Windows 10 or later (64-bit) and uses EFI boot.

   • For detailed steps, refer to: Enable Virtual Trusted Platform Module for an Existing Virtual Machine.

4. Enable UEFI Secure Boot, (*IMPORTANT* please see KB article:  "Virtual Machine fails to boot when changing the Firmware from BIOS to EFI" 
   

   • In the VM settings, expand the "VM Options" section.

   • Set the firmware to "EFI".

   • Check the box for "Secure Boot".

   • Save the changes.

5. Perform the Upgrade from Windows 10 to Windows 11, please see KB: Guidance for in-place upgrade of Windows 10, version 2004 and later to Windows 11