Re: SecureBoot certificates

2023-06-14 Thread Chris Murphy
On Wed, Jun 14, 2023, at 7:20 PM, Kevin Kofler via devel wrote: > Chris Murphy wrote: >> OK I tried this again and discover shim is signed twice. >> >> Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, >> CN=Microsoft Corporation UEFI CA 2011 >> Not Bef

Re: SecureBoot certificates

2023-06-14 Thread Kevin Kofler via devel
Chris Murphy wrote: > OK I tried this again and discover shim is signed twice. > > Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, > CN=Microsoft Corporation UEFI CA 2011 > Not Before: Sep 9 19:40:20 2021 GMT > Not After : Sep 1 19:40:20 2

Re: SecureBoot certificates

2023-06-14 Thread przemek klosowski via devel
On 6/14/23 09:29, stan via devel wrote: On Tue, 13 Jun 2023 11:05:53 -0400 "Chris Murphy" wrote: OK I tried this again and discover shim is signed twice. It has been awhile since I built a local kernel that I signed, but even a locally built kernel was signed twice when using rpmbuild. I as

Re: SecureBoot certificates

2023-06-14 Thread stan via devel
On Tue, 13 Jun 2023 11:05:53 -0400 "Chris Murphy" wrote: > OK I tried this again and discover shim is signed twice. It has been awhile since I built a local kernel that I signed, but even a locally built kernel was signed twice when using rpmbuild. I assume that somewhere in the build plumbing

Re: SecureBoot certificates

2023-06-13 Thread Chris Murphy
On Wed, May 31, 2023, at 1:31 PM, przemek klosowski via devel wrote: > I also have a recently updated F38 with shim-x64-15.6-2.x86_64. The > BOOTX64.EFI file has two certificates Ha! Yeah so I'm just repeating what you said two weeks ago. I don't have an explanation for the dual signatures, wh

Re: SecureBoot certificates

2023-06-13 Thread Chris Murphy
OK I tried this again and discover shim is signed twice. Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Corporation UEFI CA 2011 Not Before: Sep 9 19:40:20 2021 GMT Not After : Sep 1 19:40:20 2022 GMT Issuer: C=US, ST=Washi

Re: SecureBoot certificates

2023-05-31 Thread przemek klosowski via devel
I also have a recently updated F38 with shim-x64-15.6-2.x86_64. The BOOTX64.EFI file has two certificates   Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows UEFI Driver Publisher   Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Micros

Re: SecureBoot certificates

2023-05-31 Thread Steve Grubb
On Tuesday, May 30, 2023 10:00:53 PM EDT Chris Murphy wrote: > On Fri, May 26, 2023, at 10:20 AM, Steve Grubb wrote: > > sbattach --detach signature /boot/efi/EFI/BOOT/BOOTX64.EFI > > openssl pkcs7 -inform DER -in signature -text -print_certs > shim-certs.txt > > > Issuer: C=US, ST=Was

Re: SecureBoot certificates

2023-05-30 Thread Adam Williamson
On Tue, 2023-05-30 at 22:00 -0400, Chris Murphy wrote: > > On Fri, May 26, 2023, at 10:20 AM, Steve Grubb wrote: > > > sbattach --detach signature /boot/efi/EFI/BOOT/BOOTX64.EFI > > openssl pkcs7 -inform DER -in signature -text -print_certs > shim-certs.txt > > > > Issuer: C=US, ST=Wash

Re: SecureBoot certificates

2023-05-30 Thread Chris Murphy
On Fri, May 26, 2023, at 10:20 AM, Steve Grubb wrote: > sbattach --detach signature /boot/efi/EFI/BOOT/BOOTX64.EFI > openssl pkcs7 -inform DER -in signature -text -print_certs > shim-certs.txt > > Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, > CN=Microsoft Corporati

Re: SecureBoot certificates

2023-05-26 Thread Steve Grubb
On Friday, May 26, 2023 11:18:32 AM EDT Gary Buhrmaster wrote: > On Fri, May 26, 2023 at 2:20 PM Steve Grubb wrote: > > I was poking around a F38 system to look over the Secure Boot > > certificates and found something that may warrant attention. > > I *suspect* this is all wrapped into the issu

Re: SecureBoot certificates

2023-05-26 Thread Gary Buhrmaster
On Fri, May 26, 2023 at 2:20 PM Steve Grubb wrote: > > Hello, > > I was poking around a F38 system to look over the Secure Boot certificates and > found something that may warrant attention. > I *suspect* this is all wrapped into the issue that shims must now have/use NX support to be signed, and