I need help to decrypt a VM so that I can move it to ESXi that does not support TPM yet. The current instructions on the help pages is not accurate, as I find a message saying cannot decypt whilst TPM installed. Then I read that if TPM is removed the hard disk will be broken and all data lost.
I would appreciate instructions on how to decrypt the entire VM.
What version of Workstation are you using?
workstation pro v17.01
Some thoughts:
It's true that you can't decrypt the VM while it has a TPM device.
I'm going to assume that you did not build that Windows 11 VM using the experimental vTPM of Workstation 16. That's not going to be easy to disable so you can make the move to ESXi.
You'll probably need to remove the TPM device. But if you configured BitLocker in the VM, removing the TPM device will break the VM. Trying removing Bitlocker in the VM before attempting to make the jump to ESXi. Or make sure you have your Bitlocker recovery key that you can transport to ESX.
If you didn't use BitLocker, you might be able to remove the TPM device and then decrypt the machine. Again, that's assuming you have either done full VM encryption or the Workstation 17 "partial encryption", not the experimental Workstation 16 vTPM.
Once you transfer the VM to ESXi, then configure the TPM device.
I'd perform any actions on a copy of the VM, leaving the original alone.