TPM System Fundamentals Testing Prerequisites
This section describes the tasks that you must complete before you run Trusted Platform Module (TPM) system fundamentals tests by using the Windows Hardware Certification Kit (Windows HCK). These are settings that you must establish one time before running the TPM tests.
Before you run the TPM system fundamentals tests:
-
Open Tpm.msc and check whether state is “TPM is ready for use”. If it is not, clear the TPM from the TPM MMC console and then prepare the TPM. Make sure that TPM is enabled, active, and owned.
-
Set the NoPPIClear flag so that you do not have to press F12 for every test:
-
Open a command prompt that has administrative privileges. At the command prompt, type the following:
$Tpm = Get-WmiObject -class Win32_Tpm -namespace "root\CIMv2\Security\MicrosoftTpm" $ConfirmationStatus = $Tpm.GetPhysicalPresenceConfirmationStatus(22).ConfirmationStatus if($ConfirmationStatus -ne 4) {$Tpm.SetPhysicalPresenceRequest(18)} -
Reboot the computer and accept changes by pressing F12.
-
Reboot the computer again.
-
Open a command prompt that has administrative privileges. At the command prompt, type the following:
-
Ensure SecureBoot configuration and Debug policy are set according to each test requirement. Open a command prompt that has administrative privileges. At the command prompt, open msinfo32 and check the following:
-
Secure boot State: ON (ON by default unless exclusively asked to set it to OFF)
-
PCR7 configuration: Bound or Binding possible
-
Secure boot State: ON (ON by default unless exclusively asked to set it to OFF)
Software/Hardware Prerequisite: Firmware based TPM or Discrete TPM.
See Also
Show: