Waethorn on Nostr: If you ever use Hyper-V to host Windows 11 VMs (or any VM using vTPM support), be ...
If you ever use Hyper-V to host Windows 11 VMs (or any VM using vTPM support), be sure to back up the server certificates - if you ever need to move the VMs to another system, the vTPM (a requirement for Win11) uses the certs in the server system cert store for encryption. You can back up the VM and port it over, but you'd have to disable the vTPM in the VM settings because the new system (or install of Windows, etc.) won't have the same cert, so you can't re-enable TPM support for it. New builds of Windows (like 24H2 coming soon) will likely fail the TPM check as a result. Luckily, you only have to do this once for a server machine as the certificates won't change over the lifespan of the host OS install. They don't tell you this when you do a VM backup through the Hyper-V mgmt console. I'm not sure, but I don't believe Windows Server Backup (part of RSAT) does automatic cert backups either.
Published at
2024-08-26 00:42:50
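The certificate backup the post recommends, as an added example that is not part of the original post. It assumes the host uses Hyper-V's default local guardian, whose certificates sit in the local machine store named "Shielded VM Local Certificates"; the backup directory is a hypothetical path.

```powershell
#Requires -RunAsAdministrator
# Added example: export the Hyper-V host certificates that protect vTPM state,
# including their private keys, so they can be restored on another host.
param(
    [string]$BackupDir = 'C:\vtpm-cert-backup'   # hypothetical destination; move the files off-host afterwards
)

# Assumption: default local guardian, which keeps its certificates in this store.
$storePath = 'Cert:\LocalMachine\Shielded VM Local Certificates'
if (-not (Test-Path -Path $storePath)) {
    throw "Store not found: $storePath. Has a vTPM ever been enabled on this host?"
}

$certs = @(Get-ChildItem -Path $storePath)
if ($certs.Count -eq 0) { throw "No certificates found in $storePath" }

New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
$password = Read-Host -AsSecureString -Prompt 'Password to protect the PFX files'

foreach ($cert in $certs) {
    # A certificate without its private key is useless for decrypting vTPM state.
    if (-not $cert.HasPrivateKey) {
        Write-Warning "Skipping $($cert.Subject): no private key on this host"
        continue
    }
    $name = ($cert.Subject -replace '[^\w\-]', '_') + '_' + $cert.Thumbprint + '.pfx'
    $file = Join-Path -Path $BackupDir -ChildPath $name
    try {
        Export-PfxCertificate -Cert $cert -FilePath $file -Password $password -ErrorAction Stop | Out-Null
        # Read the file back to confirm the backup opens and holds the same certificate.
        $pfx = Get-PfxData -FilePath $file -Password $password -ErrorAction Stop
        if ($pfx.EndEntityCertificates.Thumbprint -notcontains $cert.Thumbprint) {
            throw "Thumbprint mismatch after export"
        }
        Write-Output "OK  $($cert.Thumbprint)  $file"
    }
    catch {
        Write-Warning "FAILED $($cert.Thumbprint): $($_.Exception.Message)"
    }
}
```

On the destination host the files would go back into the same store with `Import-PfxCertificate -CertStoreLocation 'Cert:\LocalMachine\Shielded VM Local Certificates'` before the VM is started. The PFX files contain private keys, so store them and their password with the same care as the VM backups themselves.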