HPE Community
Servers - General
1823084 Members
3466 Online
109646 Solutions
New Discussion

how to disable tpm via redfish

 
Chava1
Member

‎11-09-2023 02:11 AM - last edited on ‎11-15-2023 06:51 PM by

‎11-09-2023 02:11 AM - last edited on ‎11-15-2023 06:51 PM by

how to disable tpm via redfish

I saw  HP Redfish documentation that I have to use this field to disable/ enable the tpm:

TpmOperation (TPM 1.2 Operation) Member of Bios.v1_0_0.Bios

    Description Use this option to enable the Trusted Platform Module and BIOS secure startup. When enabled, the TPM is fully functional. When disabled, the TPM is visible; however, functionality is limited. This option also enables you to reset the TPM to factory settings, which clears any assigned passwords, keys, or ownership data. Clearing the TPM can prevent the server from booting to a TPM-aware operating system if the operating system uses TPM's measurements. Type Enumeration Read Only False Value Description NoAction No Action Enable Enable Disable Disable Clear Clear

but when I try to get the tpm information from redfish there is no field for"TpmOperation"

➜ ~ curl -k -s GET {}/redfish/v1/Systems/1/bios -u xxx:xxxx| jq |grep "Tpm" "Tpm20SoftwareInterfaceStatus": "Fifo", "Tpm2Operation": "NoAction", "TpmActivePcrs": "Sha256Sha384", "TpmChipId": "STMicroGen11", "TpmState": "PresentEnabled", "TpmUefiOpromMeasuring": "Enabled", "TpmVisibility": "Visible",

 

 there is a field for Tpm2Operation but in this field, I can just clear and not disable/enable:

 

Tpm2Operation (TPM 2.0 Operation)Member ofBios.v1_0_0.Bios

    Description Use this option to perform a clear operation on the TPM. Clearing the TPM can prevent the server from booting to a TPM-aware operating system if the operating system uses TPM's measurements. TPM 2.0 is only supported in UEFI Mode. Type Enumeration Read Only False Value Description NoAction No Action Clear Clear

 

Can you please tell me how can I disable my tpm?

0 Kudos
Reply
3 REPLIES 3
Suman_1978
HPE Pro

‎11-10-2023 03:07 AM

‎11-10-2023 03:07 AM

Re: how to disable tpm via redfish

Hi,

How about show tpm [pnum=0]

The disable tpm [pnum=0] command disables the Trusted Platform Module (TPM) on the next boot.

https://hewlettpackard.github.io/python-redfish-utility/#trusted-platform-module-tpm

Thank You!
I work with HPE but opinions expressed here are mine.
HPE Tech Tips videos on How To and Troubleshooting topics



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
Chava1
Member

‎11-11-2023 11:34 AM

‎11-11-2023 11:34 AM

Re: how to disable tpm via redfish

Thanks,
The link you put here is to disable tpm using ilorest and I am asking about disabling tpm using redfish

0 Kudos
Reply
Bunsol
HPE Pro

‎11-14-2023 06:05 PM

‎11-14-2023 06:05 PM

Re: how to disable tpm via redfish

We do see this option to disable TPM in ILO rest but not sure on other Redfish API platforms. Other options include from BIOS however that depends on the generation of the server.
I see in your query that this is for a Gen11 and hence would recommend to raise a support ticket as this being a fairly new generation of server.


If you feel this was helpful please click the KUDOS! Thumbs below!

I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.