How to Enable TPM and Secure Boot to Install Windows 11 on VMWare Workstation?

When a new version of your favorite operating system comes out, you’d probably try it on a virtual machine first and take it on a spin. Only when you think that you’d like it that you install it on your daily driver.

But when Windows 11 came out, many were dismayed about requiring TPM 2.0 just to install it. Not all Hypervisors can support this requirement, physical or otherwise. But if you have VMWare Workstation, then you’re in luck because VMWare can enable TPM and Secure Boot on Windows 11 VMs.

In this guide, you’ll learn how to enable TPM and Secure Boot on a VMWare Workstation VM so you can install Windows 11.

Create a New VM

Assuming you have VMWare Workstation Pro on your computer, preferably version 15 and newer, here are the steps to create the VM and enable TPM and Secure Boot.

1. Open VMWare Workstation Pro on your computer.
2. On the Home tab, click Create a New Virtual Machine.
   
3. While you can customize the new VM at this point, it still wouldn’t let you enable TPM. So, let’s choose Typical (recommended) for now and click Next.
   
4. On the Guest Operating System Installation step, select the I will install the operating system later option and click Next. This option will give you full control over when and how to install Windows 11 later.
   
5. Select Microsoft Windows as the guest operating system and Windows 10 and later x64 as the version.
   
6. Specify the virtual machine name and location. The location changes automatically as you change the VM name. Click Next.
   
7. Enter the maximum disk space, which will be the virtual hard drive’s size. Choose whether to store the virtual disk in a single file or split it into multiple smaller files. Click Next.
   
8. Review the VM details and click Finish.
   

Activate TPM and Enable Secure Boot

Once the VM is created, you still need to do some steps to enable TPM and Secure Boot. No, you don’t need to enable TPM in BIOS because your VM doesn’t even have a TPM device yet. Let’s change that!

1. On the VMWare Workstation main window, click the new VM and click Edit virtual machine settings.
   
2. Under the Options tab, select Access Control → Encrypt. Enter the VM password and click Encrypt.
   
3. Next, click Advanced and tick Enable secure boot.
   
4. Now that the VM is encrypted let’s add the TPM device to the VM. Click Add → Trusted Platform Module → Finish.
   
5. Once you’ve added the TPM device, click OK.
   
6. You should now see a Trusted Platform Module under your VM’s devices list.
   

Install Windows 11 and Verify TPM Settings

After you have enabled TPM and Secure Boot on the virtual machine, you can install Windows 11 as you normally would.

1. Make sure to insert the Windows 11 installation media (ISO or physical media). In this example, we’re using a Windows 11 21H2 ISO. Once the media is inserted, click Power on this virtual machine.
   
2. Proceed to install Windows 11 on your virtual machine. You got this!
   
3. When the Windows 11 setup is complete, and you can log in to the desktop, open the Device Manager window to confirm the presence of the Trusted Platform Module.
   
4. To check the TPM Status, open the TPM management console. Open the run dialog and run this command:

   tpm.msc

   
   And you should see the TPM status, similar to the screenshot below.
   

Conclusion

You can now start using Windows 11 in a VMware VM. Explore its features, test your applications’ compatibility, write code, and so on. Running a new OS in a VM helps you avoid wiping your computer for installation even before you are sure the new OS is a good fit.

If it turns out that you don’t like or can’t use Windows 11, at least all you have to do is power down the VM and delete it from your host computer.