on my Tablet (TrekStor SurfTab Duo W1 WiFi) i upgraded Windows 10 Home to Windows 10 Pro specially to be able to use BitLocker.
now it turns out, that BitLocker isn’t able to encrypt my internal system drive C:
to me for an unknown reason.
but i can force to ask for a PIN via BitLocker policies.
and when i do the encryption of drive c: without let BitLocker check the system first, after a reboot, i’ll get asked for the PIN – so far so good, but then after the it looks like Windows will boot as usual, windows boots into recovery mode and prepares the recovery decryption of drive C: and asking me for the long BitLocker recovery key.
system recovery is enabled and working,
TPM 2.0 is avtive and working – that’s, what tpm.msc is telling.
the PIN is working as well, when i want to have a PIN.
i only have trouble with system drive C:
any hints, how i can manage BitLocker encrypting my system drice C: ?
fixed: in the UEFI settings menu (aka BIOS) i disabled Secure Boot and re-enabled that option again.
then a question popped up with the choice to reset the secure keys to factory defaults. i one time i said NO and one time i said YES.
after saving changes, exiting the UEFI settings menu and boot into windows, the encryption of the windows system drive started automatically.
no idea, what exactly did the trick.
upgrade to Windows 10 Pro 1703 (10.0.15063.296),
turning Secure Boot off and on again,
or resetting secure keys to factory defaults.