HPE Trusted Platform Module 2.0 Gen10 option
Overview
Use these instructions to install and enable an HPE TPM 20 Gen10 Kit in a supported server. This option is not
supported on a Gen9 and earlier server.
This procedure includes three sections:
1. Installing the Trusted Platform Module board.
2. Enabling the Trusted Platform Module.
3. Retaining the recovery key/password.
HPE TPM 
20 installation is supported with specific operating system support such as Microsoft Windows Server 2012 R2
and later. For more information about operating system support, see the product QuickSpecs on the Hewlett Packard
Enterprise website (https://www.hpe.com/info/qs). For more information about Microsoft Windows BitLocker Drive
Encryption feature, see the Microsoft website (
https://www.microsoft.com).
CAUTION: If the TPM is removed from the original server and powered up on a 
dierent server, data stored in the
TPM including keys will be erased.
IMPORTANT: In UEFI Boot Mode, the HPE TPM 20 Gen10 Kit can be configured to operate as TPM 20 (default)
or TPM 12 on a supported server. In Legacy Boot Mode, the configuration can be changed between TPM 12 and
TPM 20, but only TPM 12 operation is supported.
HPE Trusted Platform Module 2.0 guidelines
CAUTION: Always observe the guidelines in this document. Failure to follow these guidelines can cause hardware
damage or halt data access.
Hewlett Packard Enterprise SPECIAL REMINDER: Before enabling TPM functionality on this system, you must ensure
that your intended use of TPM complies with relevant local laws, regulations and policies, and approvals or licenses must
be obtained if applicable.
For any compliance issues arising from your operation/usage of TPM which violates the above mentioned requirement,
you shall bear all the liabilities wholly and solely. Hewlett Packard Enterprise will not be responsible for any related
liabilities.
When installing or replacing a TPM, observe the following guidelines:
• Do not remove an installed TPM. Once installed, the TPM becomes a permanent part of the system board.
• When installing or replacing hardware, Hewlett Packard Enterprise service providers cannot enable the TPM or the
encryption technology. For security reasons, only the customer can enable these features.
• When returning a system board for service replacement, do not remove the TPM from the system board. When
requested, Hewlett Packard Enterprise Service provides a TPM with the spare system board.
• Any attempt to remove the cover of an installed TPM from the system board can damage the TPM cover, the TPM,
and the system board.
Hardware options installation
104