Question

Restore VMware VM with TPM

  • 23 February 2024


Hi,

When I want to restore a VM with a vTPM module, the certificate changes when I switch on the VM and I have to enter a recovery key.
What is the correct way to restore a VM with a TPM module correctly? Are there any settings missing here, or is there something that needs to be taken into account on the VMware side?

 


2 replies


Hi Sven,

 

When a VM is restored from backup, the VM data is not encrypted. You must apply the appropriate VMware storage policy to re-enable encryption for the VM.

Ref: https://documentation.commvault.com/2023e/expert/vmware_encryption_for_virtual_machines.html

 

Requirements-wise, if the VSA is a VM using HotAdd Transport, then it must be encrypted, and we need the following privileges in the service account:

Cryptographic Operations > Add Disk

Cryptographic Operations > Direct Access

Cryptographic Operations > Encrypt

 

Best Regards,

Michael


Hi Michael,

 

Thank you.

We do not use a VM encryption policy.
It is only a VM with a TPM module.
The module is also correctly added back to the VM during the restore, but the certificate is then swapped and no longer appears to be from the vCenter CA.

 

Best regards

Sven
