Custom Kernel want to secure boot with custom private key
Posted: 2018/12/06 09:48:51
OS: CentOS 7.5
I need some help.
My project need secure boot with custom key, so bios secure boot is enable,and because need modify kernel so rebuild kernel source myself follow below website.
path: https://wiki.centos.org/zh-tw/HowTos/Custom_Kernel
but can't boot because invalid signature when secure boot enable.
Even though search about "secure boot" information on google, I don't what to do...
shim or bootx64.efi need to sign? add private or anything to database?
or i need to modify kernel.spec
Source13: centos-ca-secureboot.der
Source14: centossecureboot001.crt
create der and crt with custom private key to replace this file?
I can't found more detail official information , about secure boot in centos 7.
The key security mechanism and secure boot are just like the language of another world. The information on the Internet is too fragmented, especially in Linux. I need some direction or help.
someone can help?
I need some help.
My project need secure boot with custom key, so bios secure boot is enable,and because need modify kernel so rebuild kernel source myself follow below website.
path: https://wiki.centos.org/zh-tw/HowTos/Custom_Kernel
but can't boot because invalid signature when secure boot enable.
Even though search about "secure boot" information on google, I don't what to do...
shim or bootx64.efi need to sign? add private or anything to database?
or i need to modify kernel.spec
Source13: centos-ca-secureboot.der
Source14: centossecureboot001.crt
create der and crt with custom private key to replace this file?
I can't found more detail official information , about secure boot in centos 7.
The key security mechanism and secure boot are just like the language of another world. The information on the Internet is too fragmented, especially in Linux. I need some direction or help.
someone can help?