diff options
| author | Christian Breunig <christian@breunig.cc> | 2025-03-16 20:10:09 +0100 |
|---|---|---|
| committer | Christian Breunig <christian@breunig.cc> | 2025-03-18 16:19:39 +0100 |
| commit | a02b10b2ba4197c4dcd84eef053e4ab94995295b (patch) | |
| tree | 73f9111f5a7f28e317c5c8d533f14831d4eedac3 /data | |
| parent | 8d58a72368e6462fb464dad88bbc97599476b863 (diff) | |
| download | vyos-build-a02b10b2ba4197c4dcd84eef053e4ab94995295b.tar.gz vyos-build-a02b10b2ba4197c4dcd84eef053e4ab94995295b.zip | |
T861: use secure-boot certificates from data/certificates
Diffstat (limited to 'data')
| -rw-r--r-- | data/certificates/.gitignore | 1 | ||||
| -rw-r--r-- | data/live-build-config/includes.chroot/var/lib/shim-signed/mok/README.md | 11 |
2 files changed, 1 insertions, 11 deletions
diff --git a/data/certificates/.gitignore b/data/certificates/.gitignore new file mode 100644 index 00000000..c996e507 --- /dev/null +++ b/data/certificates/.gitignore @@ -0,0 +1 @@ +*.key diff --git a/data/live-build-config/includes.chroot/var/lib/shim-signed/mok/README.md b/data/live-build-config/includes.chroot/var/lib/shim-signed/mok/README.md deleted file mode 100644 index abaaa97a..00000000 --- a/data/live-build-config/includes.chroot/var/lib/shim-signed/mok/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Secure Boot - -## CA - -Create Certificate Authority used for Kernel signing. CA is loaded into the -Machine Owner Key store on the target system. - -```bash -openssl req -new -x509 -newkey rsa:4096 -keyout MOK.key -outform DER -out MOK.der -days 36500 -subj "/CN=VyOS Secure Boot CA/" -nodes -openssl x509 -inform der -in MOK.der -out MOK.pem -``` |