Troubleshoot guarded hosts
This article describes resolutions to common problems encountered when deploying or operating a guarded Hyper-V host in your guarded fabric.
Applies to: All supported versions of Windows Server
If you're unsure of the nature of your problem, first try running the guarded fabric diagnostics on your Hyper-V hosts to narrow down the potential causes.
Guarded host feature
If you're experiencing issues with your Hyper-V host, first ensure that the Host Guardian Hyper-V Support feature is installed. Without this feature, the Hyper-V host is missing some critical configuration settings and software that allow it to pass attestation and provision shielded VMs.
To check if the feature is installed, use Server Manager or run the following cmdlet in an elevated PowerShell window:
Get-WindowsFeature HostGuardian
If the feature isn't installed, install it with the following PowerShell cmdlet:
Install-WindowsFeature HostGuardian -Restart
Attestation failures
If a host doesn't pass attestation with the Host Guardian Service, it's unable to run shielded VMs. The output of Get-HgsClientConfiguration on that host will show you information about why that host failed attestation.
The table below explains the values that may appear in the AttestationStatus field and potential next steps, if appropriate.
AttestationStatus | Explanation |
---|---|
Expired | The host passed attestation previously, but the health certificate it was issued has expired. Ensure the host and HGS time are in sync. |
InsecureHostConfiguration | The host didn't pass attestation because it didn't comply with the attestation policies configured on HGS. For more information, see the AttestationSubStatus table. |
NotConfigured | The host isn't configured to use an HGS for attestation and key protection. It's configured for local mode, instead. If this host is in a guarded fabric, use Set-HgsClientConfiguration to provide it with the URLs for your HGS server. |
Passed | The host passed attestation. |
TransientError | The last attestation attempt failed due to a networking, service, or other temporary error. Retry your last operation. |
TpmError | The host couldn't complete its last attestation attempt due to an error with your TPM. For more information, see your TPM logs. |
UnauthorizedHost | The host didn't pass attestation because it wasn't authorized to run shielded VMs. Ensure the host belongs to a security group trusted by HGS to run shielded VMs. |
Unknown | The host hasn't attempted to attest with HGS yet. |
When AttestationStatus is reported as InsecureHostConfiguration, one or more reasons is populated in the AttestationSubStatus field. The table below explains the possible values for AttestationSubStatus and tips on how to resolve the problem.
AttestationSubStatus | What it means and what to do |
---|---|
BitLocker | The host's OS volume isn't encrypted by BitLocker. To resolve this, enable BitLocker on the OS volume or disable the BitLocker policy on HGS. |
CodeIntegrityPolicy | The host isn't configured to use a code integrity policy or isn't using a policy trusted by the HGS server. Ensure a code integrity policy has been configured, that the host has been restarted, and the policy is registered with the HGS server. For more information, see Create and apply a code integrity policy. |
DumpsEnabled | The host is configured to allow crash dumps or live memory dumps, which isn't allowed by your HGS policies. To resolve this, disable dumps on the host. |
DumpEncryption | The host is configured to allow crash dumps or live memory dumps but doesn't encrypt those dumps. Either disable dumps on the host or configure dump encryption. |
DumpEncryptionKey | The host is configured to allow and encrypt dumps, but isn't using a certificate known to HGS to encrypt them. To resolve this, update the dump encryption key on the host or register the key with HGS. |
FullBoot | The host resumed from a sleep state or hibernation. Restart the host to allow for a clean, full boot. |
HibernationEnabled | The host is configured to allow hibernation without encrypting the hibernation file, which isn't allowed by your HGS policies. Disable hibernation and restart the host, or configure dump encryption. |
HypervisorEnforcedCodeIntegrityPolicy | The host isn't configured to use a hypervisor-enforced code integrity policy. Verify that code integrity is enabled, configured, and enforced by the hypervisor. For more information, see Device Guard deployment guide. |
Iommu | The host's Virtualization Based Security features aren't configured to require an IOMMU device for protection against Direct Memory Access attacks, as required by your HGS policies. Verify the host has an IOMMU, that it's enabled, and that Device Guard is configured to require DMA protections when launching VBS. |
PagefileEncryption | Page file encryption isn't enabled on the host. To resolve this, run fsutil behavior set encryptpagingfile 1 to enable page file encryption. For more information, see fsutil behavior. |
SecureBoot | Secure Boot is either not enabled on this host or not using the Microsoft Secure Boot template. Enable Secure Boot with the Microsoft Secure Boot template to resolve this issue. |
SecureBootSettings | The TPM baseline on this host doesn't match any of those trusted by HGS. This can occur when your UEFI launch authorities, DBX variable, debug flag, or custom Secure Boot policies are changed by installing new hardware or software. If you trust the current hardware, firmware, and software configuration of this machine, you can capture a new TPM baseline and register it with HGS. |
TcgLogVerification | The TCG log (TPM baseline) cannot be obtained or verified. This can indicate a problem with the host's firmware, the TPM, or other hardware components. If your host is configured to attempt PXE boot before booting Windows, an outdated Net Boot Program (NBP) can also cause this error. Ensure all NBPs are up to date when PXE boot is enabled. |
VirtualSecureMode | Virtualization Based Security features aren't running on the host. Ensure VBS is enabled and that your system meets the configured platform security features. For more information about VBS requirements, see the Device Guard documentation. |
Modern TLS
If you've deployed a group policy or otherwise configured your Hyper-V host to prevent the use of TLS 1.0, you may encounter "the Host Guardian Service Client failed to unwrap a Key Protector on behalf of a calling process" errors when trying to start up a shielded VM. This is due to a default behavior in .NET 4.6 where the system default TLS version isn't considered when negotiating supported TLS versions with the HGS server.
To work around this behavior, run the following two commands to configure .NET to use the system default TLS versions for all .NET apps.
reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /v SystemDefaultTlsVersions /t REG_DWORD /d 1 /f /reg:64
reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /v SystemDefaultTlsVersions /t REG_DWORD /d 1 /f /reg:32
Warning
The system default TLS versions setting will affect all .NET apps on your machine. Be sure to test the registry keys in an isolated environment before deploying them to your production machines.
For more information about .NET 4.6 and TLS 1.0, see Solving the TLS 1.0 Problem, 2nd Edition.