Overview of UEFI Secure Boot

Secure Boot is an optional capability of UEFI firmware.

Secure Boot is a technology where the system firmware checks that the system boot loader is signed with a cryptographic key authorized by a database contained in the firmware or a security device.

StarlingX’s implementation of Secure Boot also validates the signature of the second-stage boot loader and the kernel.

StarlingX’s public key, for programming in the hardware’s Secure Boot database, can be found in the StarlingX ISO.

Note

Users installing StarlingX r10 must keep the old certificate in the BIOS and users must add the new certificate before upgrading to the N+2 release.