Explanation
The Trusted Platform Module (TPM) for the system is not functioning.
User Response
Important: Confirm that the system is running on at least one other node before you
commence this repair. Each node uses its TPM to securely store encryption keys on its boot drive.
When the TPM or boot drive of a node is replaced, the node loses its encryption key, and must be
able to join an existing system to obtain the keys. If this error occurred on the last node in a
system, do not replace the TPM, boot drive, or node hardware until the system contains at least one
online node with valid keys.
- Shut down the node and remove the node hardware.
- Locate the TPM in the node hardware and ensure that it is correctly seated.
- Reinsert the node hardware and apply power to the node.
- If the error persists, replace the TPM with one from FRU stock.
- If the error persists, replace the system board or the node hardware with one from FRU
stock.
You do not need to return the faulty TPM to IBM.
Note: It is unlikely that the failure of a TPM can cause the loss of the System Master Key (SMK):
- The SMK is sealed by the TPM, using its unique encryption key, and the result is stored on the
system boot drive.
- The working copy of the SMK is on the RAM disk, and so is unaffected by a sudden TPM
failure.
- If the failure happens at boot time, the node is held in an unrecoverable error state because
the TPM is a FRU.
- The SMK is also mirrored by the other nodes in the system. When the node with replacement TPM
joins the system, it determines that it does not have the SMK, requests it, gets it, and then seals
with the new TPM.