When you install a Trusted Platform Module (TPM) device on an ESXi host, the host might fail to pass attestation. You can troubleshoot the potential causes of this problem.


  1. View the ESXi host alarm status and accompanying error message. See View ESXi Host Attestation Status.
  2. If the error message is Host secure boot was disabled, you must re-enable secure boot to resolve the problem.
  3. If the attestation status of the host is failed, check the vCenter Server log for the following message:
    No cached identity key, loading from DB
    This message indicates that you are adding a TPM 2.0 chip to an ESXi host that vCenter Server already manages. You must first disconnect the host, then reconnect it. See vCenter Server and Host Management documentation for information about disconnecting and reconnecting hosts.
  4. For all other error messages, contact Customer Support.