You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: doc/security.rst
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -232,11 +232,11 @@ To enable UEFI Secure Boot signing globally for all profiles, set:
232
232
233
233
in ``conf/local.conf``. To use a custom DB key, additionally set:
234
234
235
-
``REFKIT_DB_KEY``
236
-
``REFKIT_DB_CERT``
235
+
``SECURE_BOOT_SIGNING_KEY``
236
+
``SECURE_BOOT_SIGNING_CERT``
237
237
238
-
The signing tool uses a 2048bit RSA private key (``REFKIT_DB_KEY``) and a
239
-
PEM formatted X.509 signature (``REFKIT_DB_CERT``). When deploying the DB
238
+
The signing tool uses a 2048bit RSA private key (``SECURE_BOOT_SIGNING_KEY``) and a
239
+
PEM formatted X.509 signature (``SECURE_BOOT_SIGNING_CERT``). When deploying the DB
240
240
keys on the device, use the DER formatted X.509. See ``meta-refkit/files/secureboot/gen-keys-helper.sh`` for more details on how the test keys can be created.
0 commit comments