Quick blog to remind myself what the correct combination of options are to run Windows 10 Pro x64 with secure boot enabled within VMWare Fusion. Couple of reason why you’d want to do this:
- Avoid a secondary dedicated laptop
- Avoid having a physical TPM chip
- Get familiar with Hyper-V
- Better understand and research secure boot
- Get more familiar with memory analysis on hypervisor memory
- Just for fun
Fusion settings
- Enable EFI by adding the following to the ‘.vmx’ file
- firmware = “efi”
- Enable VT-x/EPT
- can be found in setting under “Processors & Memory”, “advanced settings”
- Choose OS type “Hyper-V (unsupported)”
Windows 10 Pro x64 (host) settings
- Right click on the windows start menu icon and select
- Programs and Features
- Turn Windows features on or off
- Select the Hyper-V role
- Programs and Features
- Using the Hyper-V Manager create a “Generation 2” VM
- In Settings -> Security check the “Enable Trusted Platform Module” checkbox
- When booting hold down a key or it won’t detect the installation ISO
Windows 10 Pro x64 (guest) settings
- Right click on the C drive and select “Enable bitlocker”
- Add a second hard disk and create a folder on it to save the bitlocker recovery key
References
- https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2128765
- https://blogs.technet.microsoft.com/canitpro/2015/09/08/step-by-step-enabling-hyper-v-for-use-on-windows-10/
DiabloHorn 