On Wed, 11 May 2022 at 11:14, Łukasz Piątkowski wrote:
>
> That was it, I created a new without that EKU and everything works! Thank you
> very much, this was not easy to find, unfortunately :( Esp. when some
> official pages like here
> https://ubuntu.com/blog/how-to-sign-things-for-secure-boo
That was it, I created a new without that EKU and everything works! Thank
you very much, this was not easy to find, unfortunately :( Esp. when some
official pages like here
https://ubuntu.com/blog/how-to-sign-things-for-secure-boot still list it as
a needed EKU.
On Tue, May 10, 2022 at 4:59 PM Łuk
Huh, I've never seen that before... thanks, I'm gonna give it a try and
report back!
On Tue, May 10, 2022 at 4:44 PM Dimitri John Ledkov <
dimitri.led...@canonical.com> wrote:
> On Tue, 10 May 2022 at 15:07, Łukasz Piątkowski wrote:
> >
> > What I'm trying to do is to sign a mainline kernel buil
On Tue, 10 May 2022 at 15:07, Łukasz Piątkowski wrote:
>
> What I'm trying to do is to sign a mainline kernel built by ubuntu
> (https://kernel.ubuntu.com/~kernel-ppa/mainline/) with my private key, that
> is already enrolled to MOK, and boot it with Secure Boot.
>
> > the MOK key as generated b
What I'm trying to do is to sign a mainline kernel built by ubuntu (
https://kernel.ubuntu.com/~kernel-ppa/mainline/) with my private key, that
is already enrolled to MOK, and boot it with Secure Boot.
> the MOK key as generated by Ubuntu/Debian tooling, creates a signing
certificate that self-lim
the MOK key as generated by Ubuntu/Debian tooling, creates a signing
certificate that self-limits itself to only support Kernel Module
signing.
Signatures made by such certificate, are not trusted by shim for the
purpose of code signing of bootloaders (i.e. grub) or kernels (i.e.
linux).
I also res
On Tue, 2022-05-10 at 12:28 +0200, Łukasz Piątkowski wrote:
> Hi everyone - I'm new here!
>
> Sorry for going with my problem directly to the grub-devel maling
> list, but I'm pretty sure my problem is GRUB related. Still, I've
> spent some hours trying to find a solution on the Internet and I
> f
