diff options
| author | Heinrich Schuchardt <xypron.glpk@gmx.de> | 2020-07-14 13:52:51 +0300 |
|---|---|---|
| committer | Heinrich Schuchardt <xypron.glpk@gmx.de> | 2020-07-16 13:37:02 +0300 |
| commit | 677da1c089ce5462aaf34a19b28ff16543446e71 (patch) | |
| tree | a535d4bba87c4336321ea216ec17ce74b39232b0 /doc | |
| parent | 1a7b0f6e4ec908da1f93ea77a251429892ef0c8a (diff) | |
| download | u-boot-677da1c089ce5462aaf34a19b28ff16543446e71.tar.xz | |
doc: provide links to Microsoft UEFI certificates
Some distributions provide UEFI binaries like Shim that have been signed
using a Microsoft certificate. Provide the download paths for the public
keys.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/uefi/uefi.rst | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/uefi/uefi.rst b/doc/uefi/uefi.rst index 03d6fd0c6a..a72e729cc8 100644 --- a/doc/uefi/uefi.rst +++ b/doc/uefi/uefi.rst @@ -188,6 +188,15 @@ on the sandbox cd <U-Boot source directory> pytest.py test/py/tests/test_efi_secboot/test_signed.py --bd sandbox +UEFI binaries may be signed by Microsoft using the following certificates: + +* KEK: Microsoft Corporation KEK CA 2011 + http://go.microsoft.com/fwlink/?LinkId=321185. +* db: Microsoft Windows Production PCA 2011 + http://go.microsoft.com/fwlink/p/?linkid=321192. +* db: Microsoft Corporation UEFI CA 2011 + http://go.microsoft.com/fwlink/p/?linkid=321194. + Using OP-TEE for EFI variables ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |