PowerEdge: CTPM - Cannot Support ESXi TPM Encryption Function

概要: China-specific Trusted Platform Module (CTPM) Part Number (PN) WFD8R cannot support ESXi 7.0 and 8.0 Trusted Platform Module (TPM) encryption function.

この記事は次に適用されます: この記事は次には適用されません: この記事は、特定の製品に関連付けられていません。 すべての製品パージョンがこの記事に記載されているわけではありません。
他のリソースを確認する

現象

A NationZ CTPM in a 14G server, R6515 or R7515 with an ESXi 7.0 and ESXi 8.0 that has the TPM function enabled displays the following error message:

  • esxcli system settings encryption set --mode=TPM
    Unable to change the encryption mode and policy. Verify that the current host configuration can satisfy the new requirement.
  • esxcli system settings encryption set --require-secure-boot=TRUE
    Unable to change the encryption mode and policy. Verify that the current host configuration can satisfy the new requirement.

 

example of the same encryption error

 

原因

NationZ CTPM (PN: WFD8R) do not include Endorsement Key (EK) certificates. If you want to trust individual ESXi hosts, the TPM must include an EK certificate.
ESXi document: https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-B648273C-B7A9-42D5-BE35-A5577814392D.htmlThis hyperlink is taking you to a website outside of Dell Technologies.

 

解決方法

If allowed by Chinese law, TPM (PN: FXJVY) can be used. This is because the TPM can support the ESXi TPM encryption function.

More:
Not all CTPMs do not support ESXi TPM encryption features. 15G CTPM PN: 2VJ50 and HDNTW can support the ESXi TPM encryption function. But 15G TPM PN 2VJ50 and HDNTW cannot (used in R6515 and R7515).

 

対象製品

PowerEdge XR2, OEMR R6515, Poweredge C4140, PowerEdge C6420, PowerEdge C6520, PowerEdge C6525, PowerEdge FC640, PowerEdge M640, PowerEdge M640 (for PE VRTX), PowerEdge MX740C, PowerEdge MX750c, PowerEdge MX840C, PowerEdge R240, PowerEdge R250 , PowerEdge R340, PowerEdge R350, PowerEdge R440, PowerEdge R450, PowerEdge R540, PowerEdge R550, PowerEdge R640, PowerEdge R6415, PowerEdge R650, PowerEdge R650xs, PowerEdge R6515, PowerEdge R6525, PowerEdge R740, PowerEdge R740XD, PowerEdge R740XD2, PowerEdge R7415, PowerEdge R7425, PowerEdge R750, PowerEdge R750XA, PowerEdge R750xs, PowerEdge R7515, PowerEdge R7525, PowerEdge R840, PowerEdge R940, PowerEdge R940xa, PowerEdge T140, PowerEdge T150, PowerEdge T160, PowerEdge T340, PowerEdge T350, PowerEdge T360, PowerEdge T440, PowerEdge T550, PowerEdge T560, PowerEdge T640, PowerEdge XE2420, PowerEdge XE7100, PowerEdge XE7420, PowerEdge XE7440, PowerEdge XE8545, PowerEdge XR11, PowerEdge XR12, PowerEdge XR4000r, PowerEdge XR4000w, PowerEdge XR4510c, PowerEdge XR4520c, Dell EMC vSAN R6515 Ready Node ...
文書のプロパティ
文書番号: 000221256
文書の種類: Solution
最終更新: 19 8月 2025
バージョン:  4
質問に対する他のDellユーザーからの回答を見つける
サポート サービス
お使いのデバイスがサポート サービスの対象かどうかを確認してください。