Enable Trusted Platform Module on Virtual Machine

VMware Workstation Pro supports TPM version 2.0, so you can enable a Trusted Platform Module on your virtual machine. In this post I will show you how to encrypt a virtual machine and enable TPM on it.

According to VMware you can add a virtual cryptoprocessor that uses Trusted Platform Module (TPM) technology to an encrypted virtual machine. Later you can also remove the cryptoprocessor from the virtual machine.

TPM technology provides hardware-based, security-related functions. A TPM cryptoprocessor carries out cryptographic operations.

In Windows 10, BitLocker is an encryption feature available in both Professional and Enterprise editions. However, it requires a Trusted Platform Module (TPM) on the system.

If you don’t have TPM, you can still enable BitLocker encryption. To enable BitLocker encryption on Windows 10 without TPM, read this post.

Note – You can add a TPM device to an encrypted virtual machine with a minimum hardware version of 14 that uses the UEFI firmware type.

On a virtual machine, when you attempt to add a Trusted Platform Module, VMware Workstation won’t allow you to do that. This is because the VM must be encrypted before you enable TPM.

Let’s look at the steps to encrypt the VM and then enable TPM on it.
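The prerequisites above (encryption, hardware version 14 or later, UEFI firmware) can be checked from the VM's .vmx configuration file before opening the settings dialog. The following Python code is an added example, not from VMware or the original post. It assumes the .vmx keys `virtualHW.version`, `firmware` and `encryption.keySafe` mark these settings, and the sample files are constructed.

```python
import re

MIN_HW_VERSION = 14  # minimum hardware version stated in the note above
_SETTING = re.compile(r'^\s*([^#\s=]+)\s*=\s*"(.*)"\s*$')  # key = "value"

# Constructed sample: unencrypted VM, old hardware version, no firmware key (BIOS).
SAMPLE_LEGACY = '''.encoding = "UTF-8"
virtualHW.version = "12"
displayName = "win10-test"
'''
# Constructed sample: meets hardware and firmware requirements, not yet encrypted.
SAMPLE_UNENCRYPTED = '''virtualHW.version = "16"
firmware = "efi"
'''
# Constructed sample: encrypted VM; placeholder values stand in for the key data.
SAMPLE_ENCRYPTED = '''displayName = "win10-test"
encryption.keySafe = "<constructed placeholder>"
encryption.data = "<constructed placeholder>"
'''

def parse_vmx(text):
    """Return the settings of a .vmx file as a dict with lower-cased keys."""
    settings = {}
    for line in text.splitlines():
        match = _SETTING.match(line)
        if match:
            settings[match.group(1).lower()] = match.group(2)
    return settings

def tpm_blockers(text):
    """List what still prevents adding a TPM; an empty list means none found."""
    s = parse_vmx(text)
    problems = []
    encrypted = "encryption.keysafe" in s  # assumption: key present only when encrypted
    if not encrypted:
        problems.append("VM is not encrypted")
    # Assumption: once encrypted, the other settings are inside the encrypted
    # data and unreadable, so they are only checked when visible in plain text.
    if not encrypted or "virtualhw.version" in s:
        hw = s.get("virtualhw.version", "")
        if not hw.isdigit() or int(hw) < MIN_HW_VERSION:
            problems.append(f"hardware version ({hw or 'unknown'}) must be at least {MIN_HW_VERSION}")
        if s.get("firmware", "bios").lower() != "efi":  # no firmware key means BIOS
            problems.append("firmware is not UEFI")
    return problems

if __name__ == "__main__":
    for name, text in (("legacy", SAMPLE_LEGACY), ("unencrypted", SAMPLE_UNENCRYPTED), ("encrypted", SAMPLE_ENCRYPTED)):
        print(name, tpm_blockers(text) or "no blockers found")
```

Run it against a copy of the .vmx while the VM is powered off. Checking hardware version and firmware before encrypting matters because those values are no longer readable from the file afterwards.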


Step 1 – Encrypt the Virtual Machine

To encrypt a virtual machine:

  • First, power off the VM. You cannot encrypt a VM while it is powered on.
  • Edit the VM settings and click the Options tab.
  • Under Settings, click Access Control. To encrypt the VM, click Encrypt.

To encrypt a VM, you must set a password for the virtual machine. Enter a strong password and click Encrypt.


Depending on the size of the virtual machine, the encryption process could take some time.


After the VM encryption is complete, edit the VM settings and click Access Control. It now shows "This virtual machine is encrypted."

If you wish to change the password, you can do that by clicking the Change Password button. Click OK.


Step 2 – Enable Trusted Platform Module on Virtual Machine

After you encrypt the virtual machine, use the steps below to enable Trusted Platform Module (TPM) on the virtual machine.

  • Power off the VM (if it is turned on).
  • Go to the virtual machine settings and under the Hardware tab, click the Add button.
  • In the Add Hardware wizard, select Trusted Platform Module and click Finish.
  • Clicking the Finish button enables the TPM on the virtual machine.

Once the TPM is enabled, you can verify it under the VM settings. The Trusted Platform Module shows as Present.


To verify if the TPM has been enabled on the VM, restart the VM and go to BIOS. Check the TPM configuration and it should show the TPM version as 2.0.


In addition to the above method, you can also log in to the OS and check the TPM details. Type TPM.msc in the Run command box and press Enter. This opens TPM Management on the local computer. Under Status it shows "TPM is ready for use". For the TPM version, look for the details under TPM Manufacturer Information.

To check the TPM details using command line, read this post.

Adeel

Amazing article. Bundle of thanks and keep up the good work.
