A company backups up a BitLocker-encrypted Windows VM daily. After a ransomware attack, they restore the VM. The restored vTPM is seen as a “new” device by BitLocker. Windows requests the 48-digit recovery key. The admin never saved it. The server is now a brick.
govc vm.encryption.key -vm "VM-Name" | base64 -d > vm_recovery_key.bin vmware tpm encryption recovery key backup
Hence the critical need for .