Inability to download Windows 11 due to ‘SecureBoot or TPM 2.0 error? Here’s how to enable both, as well as an easy solution that eliminates the requirement for it completely.
With the launch of Windows 11, users across the world are all excited and thrilled. The new interface is attractive, refreshing and user-friendly for the majority of users. But, before you take the leap there are a few points you should be aware of.
Many users have reported experiencing problems when setting up Windows 11 through the setup or when verifying if their computer supports Windows 11 using the PC health check application.
Table of Contents
Common Windows 11 Compatibility Errors
If you’re experiencing an ‘This computer isn’t able to operate Windows 11’ error in the PC Health Check app, then these are the most likely errors you’re seeing. Learn more about each error means.
2.0. TPM 2.0 must be enabled and enabled on this computer.
If you’re experiencing an TPM 2.0 compatibility issue within Windows 11, then you must enable it in the BIOS settings of your computer. If you’ve recently upgraded your hardware, it’s likely that your system will be equipped with TPM 2.0 support. If it doesn’t, you might need to find a way to get around this TPM 2.0 requirements for Windows 11 (as described in the next section).
Read – What is TPM 2.0 Requirement in Windows 11
This processor doesn’t available by Windows 11
The minimum system requirements to run Windows 11 states that you must have an 8th generation Intel processor or higher in order to run Windows 11. The majority of Intel Core processors below 8th generation aren’t compatible with the most recent version of Windows no longer.
Check out the list of processors supported for each manufacturer of hardware over here: AMD | Intel | Qualcomm.
The computer must be able to be able to support Secure Boot
Windows 11 requires that you’ve Secure Boot installed on your computer in order to run the most recent version of Windows. Fortunately, Secure Boot is supported by a variety of operating systems, and the chances you have a PC that is compatible, but it isn’t. The easiest way to confirm Secure Boot support on your PC is to start it up in BIOS and check if the BIOS security settings provide an option for you to activate Secure Boot on your system.
The system disk must be at least 64 GB or larger
It is the Windows 11 PC Health Check application also measures how big the partition on your disk in which you are using Windows installed. If it’s less than 64GB then you must increase the size of the partition to 64 GB or greater in order for the installation of Windows 11 on your system. You can also decide for installing Windows 11 on another disk partition of your system while you install Windows 11 from a bootable USB drive.
Fixing ‘Secure Boot’ Error
Many users have experienced the “This PC cannot Run Windows 11′ error with “The PC must be able to support Secure Boot’ mentioned as the reason for running Windows 11. Windows 11 installer.
In this scenario you must enable “Secure Boot” from your BIOS settings. Before you do this is essential to know what it is all about.
What is Secure Boot?
It is a type of security developed to ensure that your PC starts only using the software that is backed to be trusted by OEM (Original Equipment Manufacturer). It blocks malicious malware or software from starting upon starting the PC. If the setting is turned on only drivers with an official certificate from Microsoft will be loaded.
How to Enable Secure Boot in BIOS Settings
NOTE: The process below is applicable to the HP laptop. The keys for accessing different choices and interface could be different for different manufacturers. But the basic idea remains the same. Go through the instruction manual that came with the system , or browse on the internet to find the keys and gain a familiar with the interface.
For enabling Secure Boot, shut down the system, then restart it up again. When the screen is lit then hit the
ESC key to open the ‘Startup Menu’.
After that, press then the
key F10 key to open the “BIOS Setup’. The keys you will are able to see below for accessing the various options may differ for your particular computer. Check the keys on the computer’s screen or browse the internet for the model of your computer.
Then, go to the tab ‘Advanced’ in the “BIOS Setup”.
If you see the option ‘Secure Boot’ grayed out, it’s a sign that the present ‘Boot Mode’ has been set to ‘Legacy’..
To open the Secure Boot option, click the “UEFI Native (Without CSM) option under “Boot Mode Then, tick the box for “Secure Boot’.
When you click the box, you will be required to confirm the modification. Click on ‘Accept’.
Then, click “Save” at the bottom of the page to save the new settings. Then, reboot your PC.
“SecureBoot” is now activated in your computer.
NOTE: After enabling ‘SecureBoot the system may not be able to start the system, which was my experience. So, go to the menu ‘Start Up’ after restarting your system, select the ‘Boot Device Option and then select the USB drive that you flashed Windows 11 on, and proceed to the installation.
How to Enable TPM 2.0 in BIOS Settings
Another of the specifications for the system in Windows 11 is support for TPM 2.0. It is possible that the Windows 11 installer displays an “The PC must support TPM 2.0” error if you run the installer inside Windows only, and not via an bootable USB. In this case, it will display an error message that reads “This PC can’t run Windows 11” error.
It’s a breeze to turn on TPM 2.0 within your BIOS’s settings. Before proceeding by enabling “TPM 2.0 in the BIOS it is important to check the current status of TPM 2.0 on the system.
To check the status of TPM 2.0′, press
Windows + R to open the command ‘Run’, type
tpm.msc in the text box, and after that or click on OK or hit
Enter to open the dialog for TPM management.
Then, look at the section ‘Status. If it says “The TPM is ready to use’, then it’s activated.
If you get the message “Compatible TPM could not be located”, it’s time you enable it in your BIOS settings.
NOTE: The process may differ for different brands It is recommended to go to the support site of the hardware manufacturer in the event that the steps below don’t apply to your particular system.
To enable the ‘TPM 2.0 To enable ‘TPM 2.0’, restart your PC and then press the
key ESC button as soon as the screen is lit up to open the ‘Startup Menu’. The screen will display the different options available in the various menus. Choose the option for ‘BIOS Setup’ , and hit it. In my instance (HP Laptop) I used it was the
key F10. key.
There are now multiple tabs at the top. Navigate to the Security tab.
Under the tab ‘Security Select the “TPM Emdedded Security” option.
NOTE: In some cases the option might be grayed out. To gain access to the option, you’ll need set up a ‘BIOS Administrator Password’. After you’ve set up your password, then you will be able to access the TPM as well as the other options that had been grayed out prior to.
Then, select the option ‘TPM Device’ and change it to “Available”. Then, click “Save” at the bottom of the page to apply the modifications.
TPM is now available on your personal computer.
How to Bypass ‘Secure Boot’ and ‘TPM 2.0’ Requirements of Windows 11
If you’re hesitant to change your BIOS settings, then there’s an easy solution to help you. By doing this, you’ll be able to bypass enabling ‘Secure Boot or TPM 2.0 on your PC and get around all Windows 11 security requirements without any difficulty.
What’s the solution? We’ll use the Windows 10 ISO, mount it on the system, and then copy the
appraiserres.dll from the source folder to the folder’sources’ of the bootable Windows 11 ISO USB drive. This bypasses the latest security checks that are part of the system specifications for Windows 11. Windows 11 installer.
To begin, download the Windows 10 ISO file from Microsoft. After that, right-click it and choose the option ‘Mount’ in the contextual menu. It could take some time.
Then, go to the drive mounted and start the folder’sources.
Copy and locate appraiserres.dll. Copy and paste it into the
appraiserres.dll file from the Windows 10 ISO ‘sources’ folder.
Then, go through the USB drive that you used to flash Windows 11 and open the source folder. After that, right-click the empty part and choose “Paste” in the contextual menu. It is also possible to use to use the
CTRL + V keyboard shortcut to copy the files.
appraiserres.dll file that we’re copying will be in the Windows 11 ‘sources’ folder and you’ll see an ‘Replace or skip files dialog box. Make sure that you select the ‘Replace the files to the destination’ option , and allow it to finish. It is essential to replace the file.
After the file has been deleted, reboot the system to start installing Windows 11 through the ‘Boot Device Options’ in the “Startup Menu” as you planned. The error message won’t be displayed regarding the ‘Security Boot and TPM 2.0’ anymore.
Installing Windows 11 on a Legacy BIOS?
If you have an extremely old Windows PC that has an operating system that doesn’t offer the option of enabling Secure Boot, then there’s another option in order to download Windows 11 on an old computer.
What you need to create is an USB drive that is bootable Windows 10 USB drive and then replace the
install.wim files from the’sources’ folder to it’s
install.wim from the source folder of the Windows 11 ISO image. Below is the link to our comprehensive guide to that.
Tutorial TUTORIAL How to install Windows 11 on a Legacy BIOS with no Secure Boot
With no hurdles in any way, you can download Windows 11 and enjoy the attractive and refreshing interface that it offers. Additionally, you’ll be among the first to experience a hands-on Windows 11 experience. Make sure you are ready to boast about it!