VMware Cloud Community

Can the TPM 1.2 be disabled in ESXi 7.0U2+?

I wanted to know if it is possible to disable the TPM 1.2 within the system BIOS after it has been enabled on ESXi 7.0U2+. 


I understand that the system will initially fail to boot with a PSOD with the message "Unable to restore system configuration. A security violation was detected.  https://via.vmw.com/security-violation" related to VMware KB# 81446.  I believe you can recover the ESXi Secure Configuration by rebooting and editing the boot options to add the encryptionRecoveryKey then use /sbin/auto-backup.sh to make the change persist.  


What I'm unsure about is if the Secure ESXi Configuration in 7.0U2 has any additional requirements that will cause issues with attempting to disable the TPM 1.2. 


ref: https://kb.vmware.com/s/article/81446

Recover Secure ESXi Configuration:  https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-23FFB8BB-BD8B-46F... 

Tags (2)
0 Kudos
0 Replies