VMware Communities
jrussel

[Software TPM] Is it possible to remove it after it's added?

I'm running v16.2.2 build 19200509. Because I hadn't updated since 16.1.2, I had a couple of new things to get acquainted with.

So far I was using the usual encrypted VMs with TPM, but I wanted to give software TPM a try and see how performance went and whether disks would be portable (unencrypted) or not. Mostly because having it all encrypted is a pain in the ass: if disks were to be moved from one location to another, there's no easy way to just redirect the path and be done with it.

So I created a new VM targeting the new hardware level, set to be running Windows 10+, modified the VMX file to add:

managedVM.autoAddVTPM = "software"

After powering it on, several other properties were added as well, encryption keys and the like. So far so good, except the default is not to allow USB devices, with no info shown in the UI when that line is added to the VM configuration file... not that it was much clearer before, but at least you could handle the restrictions on USB devices graphically; now it's just as it was in v16.1, a blank page below the basic USB config. Other people are seeing this as well, e.g. here, back in Nov. 2021, but it was unacknowledged or ignored.


Now, is it possible to revert adding a software TPM to the machine?

  • Removing the TPM from the machine through the UI directly results in it popping up again after the machine is closed and opened again.
  • Manually editing the VMX to remove all related entries (i.e. managedVM.autoAddVTPM, managedVM.ID, encryption.encryptedKey, vtpm.ekCSR, vtpm.ekCRT, vtpm.present, encryption.keySafe and encryption.data) leads to an "un-openable" machine. A rather useless error message stating "dictionary problem" is shown instead of something actionable.
  • Manually editing the VMX to remove managedVM.autoAddVTPM and set vtpm.present to FALSE while leaving the other ones as they are makes the VM accessible, but some things are still encrypted. For example, creating a new, unencrypted VM and trying to add any of the disks that belonged to the VM that had the software TPM leads to an even less descriptive error message, "Internal error.", like the one you can see below.

[screenshot attachment: jrussel_0-1642771023362.png]

Because some of the things I've tried are new and undocumented so far, I expected them not to work in v16, but a little bit of info on the matter would be appreciated, even if it's from an overview perspective. For example, what is actually encrypted when adding a software TPM? I see the VMX is not, so moving disks to a different placement would be easy. And more importantly, is there a way to return the VM to the default state without the software TPM once it's been added?

Thanks for your time in any case, regards.


PS. How does one fill in a formal bug report by the way? Contacting support?

PPS. If anyone from VMware stumbles upon this post, please make error and warning messages descriptive in subsequent releases...

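The bullets above describe hand-editing the .vmx file and the three outcomes observed. The following is an added example (not code from the thread, VMware, or the poster) of doing that edit mechanically rather than in a text editor: it parses the `key = "value"` lines of a .vmx, reports which of the vTPM/encryption keys named in the post are present, and applies only the third variant from the list (drop managedVM.autoAddVTPM, force vtpm.present to FALSE, leave every other key untouched), which the poster reports makes the VM openable again while leaving some data encrypted. The .vmx line syntax, the case-insensitive key comparison, the sample file and all function names are this example's own assumptions; it does not decrypt anything. Run it only against a copy of the .vmx with the VM powered off.

```python
"""Inspect and edit vTPM/encryption-related keys in a VMware .vmx file.

Added example, not part of the forum thread. The key names come from the
post above; the parsing rules and helper names are assumptions of this
example. Always work on a backup of the .vmx with the VM powered off.
"""
import re
from typing import Dict, Iterable, List, Optional, Tuple

# Keys the poster lists as being added once managedVM.autoAddVTPM = "software"
# is set. Every other key in the file is passed through untouched.
VTPM_KEYS = (
    "managedVM.autoAddVTPM",
    "managedVM.ID",
    "encryption.encryptedKey",
    "vtpm.ekCSR",
    "vtpm.ekCRT",
    "vtpm.present",
    "encryption.keySafe",
    "encryption.data",
)

# Assumption: a .vmx holds one `key = "value"` pair per line. Lines that do
# not match (blank lines, `#` comments) are preserved verbatim.
_KV_RE = re.compile(r'^\s*([^#=\s]+)\s*=\s*"((?:[^"\\]|\\.)*)"\s*$')

# (key, value) for a setting, or (None, raw_line) for anything else.
Entry = Tuple[Optional[str], str]

# Constructed sample .vmx; the encryption values are placeholders, not real
# key material.
SAMPLE_VMX = """\
.encoding = "UTF-8"
config.version = "8"
virtualHW.version = "19"
displayName = "win10-swtpm"
guestOS = "windows9-64"
usb.present = "TRUE"
managedVM.autoAddVTPM = "software"
managedVM.ID = "constructed-id"
vtpm.present = "TRUE"
encryption.keySafe = "constructed-placeholder"
encryption.data = "constructed-placeholder"
"""


def parse_vmx(text: str) -> List[Entry]:
    """Split a .vmx into entries, keeping file order and unparsed lines."""
    entries: List[Entry] = []
    for line in text.splitlines():
        m = _KV_RE.match(line)
        entries.append((m.group(1), m.group(2)) if m else (None, line))
    return entries


def render_vmx(entries: List[Entry]) -> str:
    """Serialise entries back to .vmx text (one trailing newline)."""
    return "\n".join(
        raw if key is None else f'{key} = "{raw}"' for key, raw in entries
    ) + "\n"


def vtpm_keys_present(text: str) -> Dict[str, str]:
    """Return the subset of VTPM_KEYS found in the file, with their values.

    Assumption: .vmx keys are compared case-insensitively."""
    wanted = {k.lower(): k for k in VTPM_KEYS}
    found: Dict[str, str] = {}
    for key, value in parse_vmx(text):
        if key is not None and key.lower() in wanted:
            found[wanted[key.lower()]] = value
    return found


def edit_vmx(text: str, set_values: Dict[str, str], remove: Iterable[str]) -> str:
    """Remove the keys in `remove`, overwrite/append the keys in `set_values`."""
    remove_lc = {k.lower() for k in remove}
    set_lc = {k.lower(): (k, v) for k, v in set_values.items()}
    seen = set()
    out: List[Entry] = []
    for key, value in parse_vmx(text):
        if key is None:
            out.append((None, value))
        elif key.lower() in remove_lc:
            continue  # drop the line entirely
        elif key.lower() in set_lc:
            out.append((key, set_lc[key.lower()][1]))
            seen.add(key.lower())
        else:
            out.append((key, value))
    for lc, (key, value) in set_lc.items():
        if lc not in seen:  # key was absent: append it
            out.append((key, value))
    return render_vmx(out)


def disable_vtpm_keep_encryption(text: str) -> str:
    """Third variant from the post: drop managedVM.autoAddVTPM, set
    vtpm.present to FALSE, leave the encryption.* keys in place."""
    return edit_vmx(text, {"vtpm.present": "FALSE"}, ["managedVM.autoAddVTPM"])


if __name__ == "__main__":
    print("before:", vtpm_keys_present(SAMPLE_VMX))
    print("after: ", vtpm_keys_present(disable_vtpm_keep_encryption(SAMPLE_VMX)))
```

Because the encryption.* keys are left in place, the result matches what the poster describes: the VM opens, but any disk that was encrypted under the software-TPM configuration stays encrypted and cannot simply be attached to a fresh unencrypted VM.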

Accepted Solutions
wila

Hi,

It is possible to move your VM back to "unencrypted" state after using the autoaddvtpm experimental feature. But it certainly isn't 100% logical.

My article here:

https://www.vimalin.com/blog/what-you-should-know-about-vmwares-experimental-vtpm/

explains what still gets encrypted when you use that vtpm option.

See my steps here in this reddit thread (username: dfGuidance)

https://www.reddit.com/r/vmware/comments/qy9wns/virtual_tpm_chip_and_migrating_to_new_machine/

hope this helps,
--
Wil

| Author of Vimalin. The virtual machine Backup app for VMware Fusion, VMware Workstation and Player |
| More info at vimalin.com | Twitter @wilva


2 Replies
jrussel

A sad state of affairs for these forums, I hope other sections have some VMware personnel roaming around.

If anyone over there cares, the UI for USB device restrictions isn't showing in the latest release, and I find it interesting because it's a feature that wasn't present in v16.1[.2]; it makes me wonder what kind of testing goes on before a new release. v16.2[.1] also had enough bugs and overlooked things...

This is what it should look like:

[screenshot attachment: jrussel_0-1643284714603.png]

What actually appears is just the first section, like it used to be in v16.1.
