Enabling secure boot got error "Unable to change the encryption mode and policy. Verify that the current host configuration can satisfy the new requirement"
search cancel

Enabling secure boot got error "Unable to change the encryption mode and policy. Verify that the current host configuration can satisfy the new requirement"

book

Article ID: 422868

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

Symptoms:

Unable to enable secure boot in the ESXi, when running the following command an error message is seen as "Unable to change the encryption mode and policy. Verify that the current host configuration can satisfy the new requirement"

# esxcli system settings encryption set -s 1

 

Environment

ESXi 8.x

Cause

The BIOS option "Secure Boot" is not enabled.

Resolution

Enable "Secure Boot" under BIOS and reboot to check the option then run " esxcli system settings encryption set -s 1" on host and reboot host to check the setting.

Additional Information

Please check with Hardware Vendor about the TMP and Secure Boot  setting.
And Enabling secure boot on ESXi host fails with error "Unable to change the encryption mode and policy. Verify that the current host configuration can satisfy the new requirement" has the same error message.

Powered by Wolken Software