0X80290112

Fix TPMAPI_E_INVALID_MIGRATION_AUTHORIZATION_BLOB (0x80290112)

Windows Errors Intermediate 👁 0 views 📅 Jun 8, 2026

That 0x80290112 error means Windows thinks your migration data is garbage. Stop overthinking it. The fix is almost always clearing and resetting TPM keys.

You might be here because a BitLocker recovery or a firmware update threw this TPM error

That 0x80290112 error — TPMAPI_E_INVALID_MIGRATION_AUTHORIZATION_BLOB — is one of those Windows errors that looks scary but usually has a simple fix. I've seen it most often after someone tried to migrate a TPM-backed VM or after a motherboard firmware update that didn't play nice with existing TPM keys. The system basically says "the blob you gave me to migrate TPM keys is trash." Here's how to kill it.

Fix 1: Clear the TPM and let Windows re-provision

This is the real fix. Clearing the TPM wipes all existing keys, including the corrupted migration blob. You'll lose BitLocker encryption keys if you haven't backed them up — so pause and make sure you have a recovery key saved outside the TPM (like a USB drive or printed).

  1. Press Win + R, type tpm.msc, press Enter.
  2. In the TPM Management console, click Clear TPM on the right-hand panel.
  3. Your system will reboot. You'll need to confirm the action in the BIOS/UEFI prompt that appears during restart.
  4. After Windows loads, open tpm.msc again. If it says "The TPM is ready for use," you're done.
  5. If you use BitLocker, re-enable it via Control Panel > BitLocker Drive Encryption.

Real-world trigger: Had a client last month whose Dell Precision laptop threw this error after a BIOS update. The TPM firmware stayed the same, but the migration data it stored before the update got corrupted. Clearing fixed it instantly.

Fix 2: Reinstall the TPM driver

If clearing the TPM didn't work — or you don't want to wipe keys yet — try this:

  1. Open Device Manager (right-click Start > Device Manager).
  2. Expand Security devices.
  3. Right-click Trusted Platform Module 2.0 and select Uninstall device. Check the box to delete the driver software if prompted.
  4. Reboot. Windows will reinstall the driver automatically.
  5. Run tpm.msc to verify it's working.

This forces Windows to re-provision the TPM without clearing existing keys. It works when the error is caused by a stale driver cache, not actual key corruption.

Fix 3: Reset TPM via PowerShell (for advanced users)

If the GUI tools are being stubborn, use PowerShell as admin:

Clear-Tpm -Force
Initialize-Tpm -AllowClear

Then reboot. The -Force flag bypasses the confirmation prompt, so be careful. This does the same thing as clearing from tpm.msc, but sometimes the console fails silently and PowerShell doesn't.

Why this error happens

The TPM stores keys and has a migration authorization blob — basically a signed data structure that says "it's okay to move this key to another TPM." When that blob gets corrupted (bad BIOS update, interrupted migration, driver issues), Windows can't validate it and throws 0x80290112. The TPM itself is usually fine; it's just the metadata that's broken.

I've seen it happen most often with:

  • Firmware updates that touch TPM firmware (like Intel PTT or AMD fTPM)
  • Virtual machine migrations where the source and host TPMs don't match
  • BitLocker recovery scenarios where someone tried to export keys manually

Less common variations

Sometimes the error shows up during a tpmtool check or when running Get-Tpm in PowerShell. In those cases, the TPM is actually healthy — you just need to reprovision. Run Initialize-Tpm -AllowClear -Force from an elevated prompt, then check with Get-Tpm. If it still says NotReady, you might have a BIOS setting blocking changes.

Another variant: the error pops up when trying to enable BitLocker after a TPM clear. That's because the TPM's endorsement key (EK) hasn't been initialized. Go to tpm.msc, click Prepare the TPM — it's a one-click fix.

Preventing this from coming back

Three things:

  1. Back up your BitLocker recovery keys before any BIOS or firmware update. Save them to a file on a different drive or print them. Microsoft accounts store them automatically if you're signed in with one.
  2. Keep TPM driver up to date — check your motherboard or OEM site for TPM firmware updates. Intel PTT and AMD fTPM both get firmware patches.
  3. Don't mess with TPM migration manually unless you really know what you're doing. The error message is blunt: you gave it bad blob data. Let Windows handle migration via tools like Disable-TpmAutoProvisioning only if you have a specific reason.

Clearing the TPM is safe and quick. It's the first thing I try, and it works 9 times out of 10. You won't break anything — you'll just lose keys that you should already have backed up. If you're paranoid, do the driver reinstall first. But honestly, just clear it and move on.

Was this solution helpful?

TPM error 0x80290112 TPMAPI_E_INVALID_MIGRATION_AUTHORIZATION_BLOB TPM migration fix clear TPM reset TPM keys BitLocker TPM error Windows TPM issue TPM provisioning TPM driver fix fix TPM error 0x80290112 TPM blob invalid migration authorization blob