User talk:Sakaki/Sakaki's EFI Install Guide/Configuring Secure Boot/Using KeyTool

From Gentoo Wiki
Jump to:navigation Jump to:search
This is a Talk page - please see the documentation about using talk pages. Add newer comments below older ones, sign comments using four tildes (~~~~), and indent successive comments with colons (:). Add new sections at the bottom of the page, under a heading (== ==). Please remember to mark sections as "open for discussion" using {{talk|open}}, so they will show up in the list of open discussions.

Still doesn't work on ASRock UEFI, it won't allow booting to the generic USB partition as long as there is a "Gentoo Linux (USB)" boot option. Any other way to run KeyTools in setup mode?

For that matter, isn't there any way we can just append the self-signed PK, KEK, and db certificates to the Windows ones on disk, before adding them with efi-updatevar? The ASRock UEFI Setup mode apparently locks in each key as it's updated instead of locking in all the keys when PK.auth is updated, so each key can be added once but not appended to, as the current process requires.

Migrated into Main Page

The KeyTool material has now been merged (and expanded, with screenshots) into the main Configuring Secure Boot page. --Sakaki (talk) 17:08, 29 August 2017 (UTC)