Custom Kernel want to secure boot with custom private key

Support for security such as Firewalls and securing linux
Post Reply
Posts: 1
Joined: 2018/12/06 09:06:37

Custom Kernel want to secure boot with custom private key

Post by jack.lan » 2018/12/06 09:48:51

OS: CentOS 7.5

I need some help.

My project need secure boot with custom key, so bios secure boot is enable,and because need modify kernel so rebuild kernel source myself follow below website.


but can't boot because invalid signature when secure boot enable.

Even though search about "secure boot" information on google, I don't what to do...

shim or bootx64.efi need to sign? add private or anything to database?

or i need to modify kernel.spec

Source13: centos-ca-secureboot.der
Source14: centossecureboot001.crt

create der and crt with custom private key to replace this file?

I can't found more detail official information , about secure boot in centos 7.

The key security mechanism and secure boot are just like the language of another world. The information on the Internet is too fragmented, especially in Linux. I need some direction or help. :cry:

someone can help?

Post Reply