This is an automated email from the ASF dual-hosted git repository.
harikrishna pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudstack-documentation.git
The following commit(s) were added to refs/heads/main by this push:
new 31baeb84 Add vTPM notes for Xenserver/XCP-ng (#617)
31baeb84 is described below
commit 31baeb84abc2594208968af1506bb4beadacb9f7
Author: Pearl Dsilva <[email protected]>
AuthorDate: Mon Mar 30 07:38:03 2026 -0400
Add vTPM notes for Xenserver/XCP-ng (#617)
* Add vTPM notes for Xenserver/XCP-ng
* add additional note for UEFI/Secure boot
---
source/adminguide/virtual_machines.rst | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/source/adminguide/virtual_machines.rst
b/source/adminguide/virtual_machines.rst
index 0e463b96..3a07f40a 100644
--- a/source/adminguide/virtual_machines.rst
+++ b/source/adminguide/virtual_machines.rst
@@ -1190,9 +1190,8 @@ UEFI setting
- On Vmware, the boot type must be set to UEFI. Boot mode can be SECURE
(recommended) or LEGACY.
- On KVM, it is recommended to set boot type to UEFI, and boot mode to SECURE.
- UEFI is required for some Windows versions.
-
-|vm-settings-virtual-tpm-model-kvm.png|
-TPM model for KVM. There are two options:
+- On XenServer amd XCP-ng, the boot type must be set to UEFI, boot mode can be
SECURE or LEGACY. vTPM is supported on XenServer 8.3 and later versions and
XCP-ng 8.4 and later versions. vTPM can be enabled by setting the
virtual.tpm.enabled setting on the template or vm instance as done on VMware.
+- For XenServer and XCP-ng, to boot Windows VMs in UEFI Secure more, the host
needs to have Microsoft UEFI Secure Boot certificates installed. Run
`secureboot-certs install` on the host to install them. This makes certificates
available to OVFM, QEMU, shim tooling.
- tpm-tis, TIS means TPM Interface Specification;
- tpm-crb, CRB means Command-Response Buffer.
