VMware Cloud Community
520192
Contributor
Contributor
‎10-03-2023 09:03 PM
Jump to solution

Can't I enable vTPM with a Standard License?

Hi all.

 

I want to enable vTPM on my ESXi VMs.

 

I heard vTPM require a Native Key Provider.

 

Below Docs Links says "To use vSphere Native Key Provider for vSphere Virtual Machine Encryption, you must have purchased the vSphere Enterprise Plus Edition. vSphere Native Key Provider can coexist with an existing key server infrastructure.".


https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-54B9FBA2-FDB1-400...

However, I don't have an Enterprise Plus license, I only have a Standard license.

 

Can I enable vTPM with a Standard License?

 

Thank you for your comments.

 

Reply
0 Kudos
1 Solution

Accepted Solutions
depping
Leadership
Leadership
‎10-04-2023 01:16 AM
Jump to solution

Yes you should be able to use it, a vTPM requires a key provider, the native key provider is part of vCenter Server at all license levels, VM Encryption is what requires Enterprise Plus, but if you only do vTPM and the Native Key Provider you don't need that.

https://core.vmware.com/vtpm-questions-answers

View solution in original post

Reply
0 Kudos
3 Replies
Sachchidanand
Expert
Expert
‎10-03-2023 10:12 PM
Jump to solution

What are the vSphere license levels that support vTPMs?

All editions of vSphere 7 and newer are licensed to use vTPM and the Native Key Provider.

Please go through the following documents to get the answer:

https://core.vmware.com/vtpm-questions-answers#do-i-need-a-key-provider-to-use-vtpm

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmw-datasheet-vsphere-product...

Regards,

Sachchidanand

Reply
0 Kudos
d3m1g0d
Enthusiast
Enthusiast
‎10-04-2023 12:45 AM
Jump to solution

vTPM and Native Key Provider are available with all license levels of vSphere. But you need vSphere Enterprise Plus if you want to use VM Encryption.

See here: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/vsphere/vmware-vsphere-pr... (interestingly, NKP is not selected in this document for vSphere+ Standard for whatever reason, but that's another story I guess)

Reply
0 Kudos
depping
Leadership
Leadership
‎10-04-2023 01:16 AM
Jump to solution

Yes you should be able to use it, a vTPM requires a key provider, the native key provider is part of vCenter Server at all license levels, VM Encryption is what requires Enterprise Plus, but if you only do vTPM and the Native Key Provider you don't need that.

https://core.vmware.com/vtpm-questions-answers

Reply
0 Kudos