VirtualBox

Opened 15 months ago

Last modified 15 months ago

#21848 new defect

Enrolling of custom Secure Boot keys generated by Linux fails.

Reported by: rvgamer06 Owned by:
Component: EFI Version: VirtualBox-7.0.10
Keywords: secure boot custom Cc:
Guest type: Linux Host type: Windows

Description

Even following precisely this guide:https://wiki.alpinelinux.org/wiki/UEFI_Secure_Boot, i could not enroll the keys correctly because the enrollment either fails silently(i.e. looks like it succeeded, but when i open the "Delete Signature/KEK" menu it shows nothing.), or it says that the format is unsupported.

Change History (1)

comment:1 by galitsyn, 15 months ago

Hi rvgamer06,

I don't have much knowledge about Alpine Linux. Since you did not attach VBox.log, I presume VM has Secure Boot enabled which is a prerequisite. Normal way to enroll key from inside a guest is to use mokutil tool. If not available, you can also enroll keys from the host side (when VM is powered off) using VBoxManage. Please refer to the following command:

VBoxManage modifynvram <uuid | vmname> enrollmok [--mok=filename] [--owner-uuid=uuid]

If you provide more context, I probably could help you with answering questions on how to setup guest in this case.

Last edited 15 months ago by galitsyn (previous) (diff)
Note: See TracTickets for help on using tickets.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette