diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index f71bb21f09..16d6f54f66 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -6393,8 +6393,6 @@ qemuProcessSEVCreateFile(virDomainObjPtr vm,
 static int
 qemuProcessPrepareSEVGuestInput(virDomainObjPtr vm)
 {
-    qemuDomainObjPrivatePtr priv = vm->privateData;
-    virQEMUCapsPtr qemuCaps = priv->qemuCaps;
     virDomainSEVDefPtr sev = vm->def->sev;
 
     if (!sev)
@@ -6402,13 +6400,6 @@ qemuProcessPrepareSEVGuestInput(virDomainObjPtr vm)
 
     VIR_DEBUG("Preparing SEV guest");
 
-    if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) {
-        virReportError(VIR_ERR_INTERNAL_ERROR,
-                        _("Domain %s asked for 'sev' launch but this "
-                          "QEMU does not support SEV feature"), vm->def->name);
-        return -1;
-    }
-
     if (sev->dh_cert) {
         if (qemuProcessSEVCreateFile(vm, "dh_cert", sev->dh_cert) < 0)
             return -1;
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 3ef90b337b..487a9a9627 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -1210,6 +1210,14 @@ qemuValidateDomainDef(const virDomainDef *def,
     if (qemuValidateDomainDefPanic(def, qemuCaps) < 0)
         return -1;
 
+    if (def->sev &&
+        !virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) {
+        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                       _("SEV launch security is not supported with "
+                         "this QEMU binary"));
+        return -1;
+    }
+
     return 0;
 }