[systemd-devel] Ukify, systems-sbsign, Secure Boot and Microsoft Vendor keys

[John Cooper]

Hi,

I’m currently wondering whether a configuration option can be added, to systemd-ukify to enable the native enrollment of vendor keys. Specifically the capacity to set a boolean in one of the software’s configuration files, which will import Microsoft’s 3rd Party Secure Boot keys and/or certificates.

This is needed as there’s hardware which don’t boot without them and in worst case will become bricked.

So can this please be added natively in the software?

Thank you for your time and attention in this matter.

Kind Regards,

John Cooper

Sent from my iPhone