Hi,
I am exploring secure boot and vTPM on VMware Cloud Director.
I have an NVRAM file with a `cert.der` certificate embedded in it. I deploy the NVRAM, OVF and VMDK files with secure boot enabled.
Secure boot works fine. UEFI validates shim, grub and the kernel using the embedded `cert.der` file.
But when I add a vTPM placeholder to the OVF file and deploy it in VCD, my NVRAM file containing `cert.der` is ignored.
```xml
<Item ovf:required="false">
  <rasd:AutomaticAllocation>false</rasd:AutomaticAllocation>
  <rasd:ElementName>Virtual TPM</rasd:ElementName>
  <rasd:InstanceID>13</rasd:InstanceID>
  <rasd:ResourceSubType>vmware.vtpm</rasd:ResourceSubType>
  <rasd:ResourceType>1</rasd:ResourceType>
</Item>
```
A new NVRAM file is created without my `cert.der` file, so secure boot fails.
When I comment out the vTPM placeholder, secure boot works without any issue.
Does anyone have any idea why this happens?
How can I ensure that my NVRAM file containing `cert.der` is considered when deploying a VM with the vTPM placeholder?