TPM Attestation Not Supported after AMD Ryzen Upgrade

Question

Hi,
after Upgrading my CPU from Ryzen 5 2600 to Ryzen 7 5700x Windows Security Chip App reports "Attestation: Not Supported" but "Memory: Ready".
In die TPM Console it shows that the TPM Module is Ready for use.
The Registry Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TPM\WMI\Endorsement\EKCertStore\Certificates is empty with the R 7 5700x but has an entry when I use my old CPU.

 

I already tried to reset TPM, CMOS and Secureboot in Bios and in Windows TPM Console.
I disabled/enabled fTPM and Secure Boot several times.
Windows 10 and Windows 11 report the same. I already did a complete reinstall.
fTPM, Trusted Computing, UEFI and Secureboot are enabled in BIOS.
Latest BIOS Updates and Windows Updates are installed.
The Windows Device Manager shows no errors. The AMD PSP 11.0 and TPM 2.0 is installed correctly.
When I switch back to my old Ryzen 5 2600 everything works.

 

My Setup:
Mainboard: ASUS TUF X470-PLUS GAMING
BIOS: Version 6042 from 2022/05/12
CPU: AMD Ryzen 7 5700x
Windows 10 x64 22H2

Answer 1

Try to configure the certificate template for TPM key attestation.

TPM Key Attestation

Answer 2

Sorry but that post applies to Windows Server.

I'm just using a standalone Windows 10 System.

Answer 3

To clarify.

I'm just a standard home user.

I dont know if I need the TPM attestation ever.

I was just wondering because my old Ryzen 5 2600 had e EKCert and the Attestation was "Ready". With my new Ryzen 5 5700x its "not supported". Memory is "ready" on both CPUs.

Does this issue impact Windows 10 or Windows 11 functionality in any standard user case?

Answer 4

Is it possible, that this issue could be the reason why my system cant get a certificate?

https://learn.microsoft.com/en-us/mem/autopilot/known-issues