100
Installing and setting up a TCM or TPM
Trusted platform module (TPM) is a microchip embedded in the system board. It stores encryption
information (such as encryption keys) for authenticating server hardware and software. The TPM
operates with drive encryption programs such as Microsoft Windows BitLocker to provide operating
system security and data protection. For information about Microsoft Windows BitLocker, visit the
Microsoft website at http://www.microsoft.com.
Trusted cryptography module (TCM) is a trusted computing platform-based hardware module with
protected storage space, which enables the platform to implement password calculation.
Installation and setup flowchart
Figure 115 TCM/TPM installation and setup flowchart
Guidelines
•
Do not remove an installed TCM or TPM. Once installed, the module becomes a permanent
part of the system board.
•
If you want to replace the failed TCM or TPM, remove the system board, and then contact H3C
Support to replace the TCM or TPM and the system board.
•
When installing or replacing hardware, H3C technicians cannot configure the TCM or TPM or
enter the recovery key. For security reasons, only the user can perform the tasks.
•
When replacing the system board, do not remove the TCM or TPM from the system board. H3C
will provide a TCM or TPM with a spare system board for the replacement.
•
Any attempt to remove an installed TCM or TPM from the system board breaks or disfigures the
TCM or TPM security rivet. Upon locating a broken or disfigured rivet on an installed TCP or
TPM, administrators should consider the system compromised and take appropriate measures
to ensure the integrity of the system data.
Start
Install a TPM/TCM
Enable the TPM/TCM in BIOS
Configure encryption in the operatin
system
End