vTPM device creation fails with "TPM2 device is required" error

Article ID: 417299


Products

VMware vSphere ESXi 8.0

Issue/Introduction

When adding a virtual Trusted Platform Module (vTPM) to a virtual machine, a new window is presented with the following error messages:

Operation failed!
Task name Reconfigure virtual machine
Target        [virtual machine name]
Status        RuntimeFault.Summary



The task status shows the following message:
A general runtime error occurred. Key provider [Key Provider name] is not compatible with the host  [host name]. Reason: "TPM2 device is required."

Environment

VMware vCenter Server 8.x
VMware vSphere ESXi 8.x

Cause

When a Native Key Provider is added to vCenter Server, the option "Use key provider only with TPM protected ESXi hosts (Recommended)" is presented.
If this checkbox remains checked, a vTPM can only be attached to virtual machines residing on ESXi hosts equipped with a physical TPM.


Resolution

  • If hosts with and without physical TPMs are present in the environment, and virtual machines with vTPMs are required on both types of hosts, the Native Key Provider (NKP) must be reconfigured.

  • Uncheck the box labeled "Use key provider only with TPM protected ESXi hosts (Recommended)" during the NKP configuration process.
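
Before deciding whether to keep or clear that checkbox, it helps to know which hosts actually report a TPM 2.0 device. The following PowerCLI script is an added example, not part of the original article or of VMware's tooling. It assumes PowerCLI is installed and `Connect-VIServer` has already been run, and it assumes the vSphere API `HostCapability` fields `TpmSupported` and `TpmVersion` are a usable indicator of what the key provider check evaluates. The function name `Get-HostTpmReport` is hypothetical.

```powershell
# Added example: inventory ESXi hosts by TPM 2.0 capability.
# Assumes an existing PowerCLI session (Connect-VIServer already run).
function Get-HostTpmReport {
    param(
        # Hosts to inspect; defaults to every host in the connected vCenter.
        [object[]]$VMHost = (Get-VMHost)
    )
    foreach ($h in $VMHost) {
        # HostCapability.TpmSupported / TpmVersion come from the vSphere API.
        $cap     = $h.ExtensionData.Capability
        $hasTpm2 = ($cap.TpmSupported -eq $true) -and ($cap.TpmVersion -like '2*')
        [pscustomobject]@{
            Parent     = $h.Parent.Name      # cluster or folder holding the host
            Host       = $h.Name
            State      = $h.ConnectionState
            TpmVersion = $cap.TpmVersion
            HasTpm2    = $hasTpm2
        }
    }
}

$report = Get-HostTpmReport
$report | Sort-Object Parent, Host | Format-Table -AutoSize

# Hosts without TPM 2.0: with the "TPM protected ESXi hosts" option checked,
# these are the hosts where the error in this article is to be expected.
$noTpm = @($report | Where-Object { -not $_.HasTpm2 })
Write-Host ("Hosts without TPM 2.0: {0} of {1}" -f $noTpm.Count, @($report).Count)

# Clusters/folders that mix both host types are the case the Resolution
# section describes (vTPM VMs needed on hosts with and without a TPM).
$report | Group-Object Parent | ForEach-Object {
    $kinds = @($_.Group.HasTpm2 | Select-Object -Unique)
    if ($kinds.Count -gt 1) {
        $missing = ($_.Group | Where-Object { -not $_.HasTpm2 }).Host -join ', '
        Write-Warning ("{0}: mixed TPM coverage; no TPM 2.0 on: {1}" -f $_.Name, $missing)
    }
}
```

If the report shows no hosts without TPM 2.0, the checkbox can stay at its recommended setting and the error points to a host-side TPM problem rather than to the key provider configuration.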