beautypg.com

Setting the secure boot custom mode – HP Unified Extensible Firmware Interface User Manual

Page 71

background image

Setting the Secure Boot Custom Mode

If you select the “Custom Mode” for Secure Boot mode, the Secure Boot Custom Mode Options
menu appears. From this menu, select the Platform Key (PK) Options, Key Exchange Key (KEK)
Options, Allowed Signatures Database (DB) Options, and Forbidden Signatures Database (DBX)
Options.

Figure 61 Server Security — Secure Boot Custom Mode Options screen

1.

Select Secure Boot Mode Options and press Enter.

2.

Select one of the following options:.

Platform Key (PK) Options—Select this option to enroll a Platform Key (PK). The file must
be in DER-encoded certificate format. See

“Enrolling a Platform Key (PK)” (page 72)

to

proceed.

Key Exchange Key (KEK) Options—Select this option to enroll a Key Exchange Key (KEK).
The file must be in DER-encoded certificate format. For more information, see

“Enrolling

a Key Exchange Key (KEK)” (page 73)

to proceed.

Allowed Signatures Database (DB) Options—Select this option to enroll an Allowed
Signatures (DB). For more information, see

“Allowed Signatures Database (DB) Options”

(page 75)

to proceed.

Forbidden Signatures Database (DBX) Options—Select this option to enroll a Forbidden
Signatures (DBX). For more information, see

“Forbidden Signatures Database (DBX)

Options” (page 76)

to proceed.

Accessing the BIOS/Platform Configuration (RBSU) menu

71

This manual is related to the following products:
See also other documents in the category HP Software: