• ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
Any failures related to Hotkey UWP service? Click here for tips.
Check out our WINDOWS 11 Support Center info about: OPTIMIZATION, KNOWN ISSUES, FAQs, VIDEOS AND MORE.
HP Recommended
HP Elitedesk 800 G1

Hi all,

 

I'm currently preparing the rollout of Windows 10 1909 for our clients and ran into an issue with the HP EliteBook G1 desktop. When I load the initial W10 1909 build from October 2019, Bitlocker can encrypt the disk and everything works fine. After applying the November 2019 upgrade (or newer, doesn't matter) Bitlocker is unable to resume protection. When I try to resume Bitlocker, I get "An internal error has occurred within the Trusted Platform Module support program".

I've applied the latest BIOS and also the latest available TPM Firmware (TPM 1.2). I also cleared the TPM.

TPM Settings in the BIOS are as follows:

Tpm PPI policy changed by OS allowed
  Disable
  *Enable
Tpm measure boot variables/devices to PCR1
  *Disable
  Enable
Tpm No PPI provisioning
  Disable
  *Enable
Tpm No PPI maintenance
  *Disable
  Enable

Any hint what I'm doing wrong?

1 ACCEPTED SOLUTION

Accepted Solutions
HP Recommended

Ok, found the cause of the issue. Reading [edit]guided me to the solution. Looks like this behavior is a side effect when System Guard Secure Launch is set in the domain via Policy. I have now disable Secure Launch and restaged the device and... voilà, Bitlocker is working again with 1909 and latest cumulative updates. 

View solution in original post

1 REPLY 1
HP Recommended

Ok, found the cause of the issue. Reading [edit]guided me to the solution. Looks like this behavior is a side effect when System Guard Secure Launch is set in the domain via Policy. I have now disable Secure Launch and restaged the device and... voilà, Bitlocker is working again with 1909 and latest cumulative updates. 

† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.