Overview of UEFI Secure Boot

Secure Boot is an optional capability of UEFI firmware.

Secure Boot is a technology where the server´s firmware checks that the system boot loader is signed with a cryptographic key authorized by a database contained in the server´s firmware database or a security device.

StarlingX’s implementation of Secure Boot also validates the signature of the second-stage boot loader and the kernel.

StarlingX’s public key, for programming in the hardware’s Secure Boot db database, can be found in the StarlingX ISO.

Note

Users installing StarlingX r10 must keep the old certificate in the BIOS and users must add the new certificate before upgrading to the N+2 release.