VMware Communities
jaxindevon
Contributor
Contributor

Secure Boot on Windows 10 Pro hosted on VMWare Fusion

Hi All

I've searched the web for the steps required to enable 'Secure Boot' in Windows 10 for a guest machine which runs on WMWare Fusion.  I have read the following

 

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-898217D4-689D-4EB...

Win10 secure boot inside vmware fusion – DiabloHorn

The first is not relevant to Fusion and the second suggests the following.  I have completed the first two steps but not really sure about the last step.  My machine is already built and if I try the steps on a new machine I can't add a TPM chip as it says UEFI firmware is required.

  • Enable EFI by adding the following to the ‘.vmx’ file
    • firmware = “efi”
  • Enable VT-x/EPT
    • can be found in setting under “Processors & Memory”, “advanced settings”
  • Choose OS type “Hyper-V (unsupported)

 

Can anyone point to the correct method to achieve this?

 

Kind regards

Labels (1)
Reply
0 Kudos
2 Replies
Technogeezer
Immortal
Immortal

What version of Fusion?

On Fusion 12 Player, I just created a VM with an OS type of “Windows 10 and later x64”. During the VM creation process, a dialog appreared that offered to use BIOS or UEFI, and the UEFI option had a checkbox for Secure Boot.  That process placed the following 2 lines in my .vmx file:

firmware = efi 

uefi.secureBoot.enabled = “TRUE”

So at worst if these 2 entries are in the .vmx file Secure Boot should be enabled.

I could have sworn that I saw a selection box for this in prior Fusion versions for Secure Boot by going to Settings -> Advanced for the VM. But I’m running Fusion 12 Player, not Pro and that selection does not appear in Settings.  I can’t tell if the ability to enable Secure Boot in the Settings is present in Pro. . 

- Paul (Technogeezer)
Editor of the Unofficial Fusion Companion Guides
Reply
0 Kudos
jaxindevon
Contributor
Contributor

Hi

Brilliant, uefi.secureBoot.enabled = “TRUE” was the setting I was missing.  Added this and its enabled.

Thanks 😀

Reply
0 Kudos