I'm running into an error that I can't seem to resolve. Setup:
Dell R640 running 7.0U3 with vCenter 7.0U3
In vCenter I added a native key provider and backed it up. The native key provider looks OK.
I create a new VM with a Virtual TPM and it returns this error.
A general runtime error occurred. Key provider vTPM2 is not compatible with the host Reason: The host does not support Native Key Provider
I have tried deleting the native key provider and creating a new one but that hasn't helped. Looks like a vCenter bug?
That sounds like you are trying to do encryption on the host which will use TPM, vTPM will be just for your VMs.
--Alan--
Not exactly. From the VM, I add TPM, and after I click complete, I receive that error message.
Hmm, that's odd. It almost sounds like licensing. I'm not sure what level the host needs to be at, I think vCenter TPM can be added with any license level. Something to check on.
--Alan--
I have the appropriate license.
Is your host part of a cluster?
--Alan--
It's not part of a cluster. I have 2 hosts attached to vCenter. One running 6.5 (currently turned off) and one running 7 u3.
Pretty sure that is the issue then. Hosts have to be in a cluster for TPM.
--Alan--
Yeah, it needs to be in a cluster.
OH! Thank you, that wasn't obvious to me. This is running in my lab (single host with vCenter). It doesn't look like I can configure a cluster with vCenter running on the lone host?
You should be able to have a single host in a cluster, it's just a little unusual to do so.
--Alan--
It asked me to put the host in maintenance mode which means shutting down the VMs. Is that a chicken/egg scenario?
I've never tried that, but I would probably let it go ahead and if you don't have VCSA set to automatically run at start then you will have to go to the host GUI and start VCSA manually after it adds to the cluster.
--Alan--
Hello,
I'm seeing the same thing running vSphere Essentials, VMware ESXi, 7.0.3, 18644231 on a Dell R640, BIOS Version 2.12.2
A general runtime error occurred. Key provider [name of key] Key is not compatible with the host [host name]. Reason: "The host does not support Native Key Provider."
My understanding is vTPM should work on any licence and you don't need HA.
Thanks
And your host is part of a cluster?
--Alan--
Hi Alan,
Thanks for your reply.
No, it's not. I'm running vSphere Essentials so I don't have the option.
My understanding is you don't need a cluster if you're just using vTPM.
I'm thinking you can't use the native provider without vCenter. Maybe you could use standard with KMS.
--Alan--
I have created a cluster in vCenter and added a single host to the cluster. The vTPM can now be added to VMs on that host. Seems like an arbitrary limit and/or bug to restrict this to hosts in a cluster.