You can add a Virtual Trusted Platform Module (vTPM) to an existing virtual machine to provide enhanced security to the guest operating system. You must create a key provider before you can add a vTPM.
The VMware virtual TPM is compatible with TPM 2.0, and creates a TPM-enabled virtual chip for use by the virtual machine and the guest OS it hosts.
Prerequisites
- Ensure that your vSphere environment is configured for a key provider. See the following for more information:
- The guest OS you use can be Windows Server 2008 and later, Windows 7 and later, or Linux.
- Verify that the virtual machine is turned off.
- The ESXi hosts running in your environment must be ESXi 6.7 and later (Windows guest OS), or 7.0 Update 2 and later (Linux guest OS).
- The virtual machine must use EFI firmware.
- Verify that you have the required privileges:
Note: After adding a vTPM to a virtual machine, the
privilege is required to open a console session.