Optima x561 Guide De Référence

11.  After completing the archive function, the TPM Key Archive 

(keyarchive.xml) that is now on a removable media should be stored in a 
secure location.  No copies of the keyarchive.xml should remain on the 
system.  This procedure should be repeated after any password changes or 
the addition of new users or TPM enabled software.  

12.  All passwords associated with the EMBASSY Security Center Software 

(owner, TPM Key Archive, and other passwords) are not recoverable and 
cannot be reset without the original password.  These passwords should be 
documented and stored in a secured location (vault, safe deposit box, or 
off-site storage) in case they are needed in the future.  These documents 
should be updated after any password changes. 

Restore the latest hard drive image from backup to the new hard drive – no TPM 
specific recovery is necessary. 

This procedure may restore the migratable keys from the TPM Key Archive, but 
does not restore any previous keys or content to the TPM.  This recovery 
procedure may restore access to the EMBASSY Trust Suite that is secured with 
migratable keys.  

• 

TPM Key Archive file (keyarchive.xml file created with the EMBASSY 
Security Center) 

• 

TPM Key Archive password (created with the EMBASSY Security Center) 

• 

Owner password 

• 

Working original operating system (OS) installation, or a restored image of 
the hard drive 

1.  Replace the desktop board with the same model as the failed board. 
2.  Start the original OS or restore the original hard drive image.  
3.  Start the EMBASSY Security Center. 
4.  Take ownership of the Trusted Platform Module (see Assuming Trusted 

Platform Module Ownership, steps 3 and 4 only). 

5.  To restore a TPM Key Archive, select the Key Manager icon on the left 

side of the EMBASSY Security Center and click on the Restore button. 

6.  Enter the password for the TPM Key Archive when prompted.