If you try to run BitLocker on a VM you will receive this error:
This because you have to create a group policy allowing Bitlocker running without a compatible TPM. My VM is not joined to a domain, so I enabled this policy on Local Group Policy (gpedit.msc):
“Local Group Policy\Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives\Require additional authentication at startup”
Next step is to create the virtual floppy in “Hyper-V Manager” using Actions menu.
Mount the just created floppy image on the VM and format it.
You are now ready to enable BitLocker but you need to do it from a command line, because the build in tool only work when you use TPM or USB stick.
Run as administrator this command:
cscript c:\Windows\System32\manage-bde.wsf -on C: -rp -sk A:
Save somewhere the Numerical Password in case of recovery.
After a reboot the computer will start encrypting the disk.
When the disk is fully encrypted, you can reboot the VM in unattended mode until the floppy is mounted. If you dismount the floppy, your machine do not boot, asking for floppy or for recovery key:
Remember, on Windows Server, Bitlocker is a feature to install: