Deleting a key exchange key, Allowed signatures database (db) options – HP Unified Extensible Firmware Interface User Manual

2.

Enter the optional security certificate Signature GUID and press Enter. Enter the data in the
following GUID format (36 characters): 11111111-2222-3333-4444-1234567890ab.

•

For Hewlett Packard certificates, enter F5A96B31-DBA0-4faa-A42A-7A0C9832768E

•

For Microsoft certificates, enter 77fa9abd-0359-4d32-bd60-28f4e78f784b

•

For SUSE certificates, enter 2879c886-57ee-45cc-b126-f92f24f906b9

3.

Select Commit changes and exit to save your changes.

Deleting a Key Exchange Key

Select this option to delete a new entry in the Key Exchange Key (KEK) security database. Important:
Changing the default security certificates can cause the system to fail booting from some devices,
or to fail launching certain software such as Intelligent Provisioning.

To delete a Key Exchange Key:
1.

Select Platform Key (PK) Options

→Delete Key Exchange Key (KEK) and press Enter

2.

Select a key to delete from the list.

3.

Press Enter (Yes) in the message prompt to delete the Key or ESC to cancel.

Allowed Signatures Database (DB) Options

The database maintains signatures of codes that are authorized to run on the platform. Select this
option to enter the Allowed Signatures (DB) Options menu. You can enroll or delete the DB
signatures.
To enroll a Signature Database.
1.

Select Allowed Signatures Database (DB) Options

→Enroll Signature and press Enter.

2.

Select Enroll Signature using File and press Enter.

3.

Select Commit changes and exit to save your changes.

Figure 66 Server Security—Enroll Signature screen

Accessing the BIOS/Platform Configuration (RBSU) menu

75