[PATCH 1/1] doc: provide links to Microsoft UEFI certificates
Heinrich Schuchardt
xypron.glpk at gmx.de
Tue Jul 14 12:55:39 CEST 2020
Some distributions provide UEFI binaries like Shim that have been signed
using a Microsoft certificate. Provide the download paths for the public
keys.
Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
---
doc/uefi/uefi.rst | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/doc/uefi/uefi.rst b/doc/uefi/uefi.rst
index 03d6fd0c6a..a72e729cc8 100644
--- a/doc/uefi/uefi.rst
+++ b/doc/uefi/uefi.rst
@@ -188,6 +188,15 @@ on the sandbox
cd <U-Boot source directory>
pytest.py test/py/tests/test_efi_secboot/test_signed.py --bd sandbox
+UEFI binaries may be signed by Microsoft using the following certificates:
+
+* KEK: Microsoft Corporation KEK CA 2011
+ http://go.microsoft.com/fwlink/?LinkId=321185.
+* db: Microsoft Windows Production PCA 2011
+ http://go.microsoft.com/fwlink/p/?linkid=321192.
+* db: Microsoft Corporation UEFI CA 2011
+ http://go.microsoft.com/fwlink/p/?linkid=321194.
+
Using OP-TEE for EFI variables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--
2.27.0
More information about the U-Boot
mailing list