HP Trusted Platform Module option

This server supports both TPM 1.2 and TPM 2.0. However, once the TPM version 1.2 is installed on the system board, it can no longer be upgraded to TPM version 2.0.

For more information about product features, specifications, options, configurations, and compatibility, see the product QuickSpecs on the HPE website .

Use these instructions to install and enable a TPM on a supported server. This procedure includes three sections:

  1. Installing the Trusted Platform Module board.
  2. Retaining the recovery key/password.
  3. Enabling the Trusted Platform Module.

    Enabling the TPM requires accessing BIOS/Platform Configuration (RBSU) in the UEFI System Utilities.

TPM installation requires the use of drive encryption technology, such as the Microsoft Windows BitLocker Drive Encryption feature. For more information on BitLocker, see the Microsoft website.

CAUTION: Always observe the guidelines in this document. Failure to follow these guidelines can cause hardware damage or halt data access.

When installing or replacing a TPM, observe the following guidelines:

  • Do not remove an installed TPM. Once installed, the TPM becomes a permanent part of the system board.
  • When installing or replacing hardware, Hewlett Packard Enterprise service providers cannot enable the TPM or the encryption technology. For security reasons, only the customer can enable these features.
  • When returning a system board for service replacement, do not remove the TPM from the system board. When requested, Hewlett Packard Enterprise Service provides a TPM with the spare system board.
  • Any attempt to remove an installed TPM from the system board breaks or disfigures the TPM security rivet. Upon locating a broken or disfigured rivet on an installed TPM, administrators should consider the system compromised and take appropriate measures to ensure the integrity of the system data.
  • When using BitLocker, always retain the recovery key/password. The recovery key/password is required to enter Recovery Mode after BitLocker detects a possible compromise of system integrity.
  • Hewlett Packard Enterprise is not liable for blocked data access caused by improper TPM use. For operating instructions, see the encryption technology feature documentation provided by the operating system.