[CentOS] Secure boot
Gordon Messmer
gordon.messmer at gmail.com
Thu Sep 17 20:12:34 UTC 2015
On 09/17/2015 12:46 PM, Akemi Yagi wrote:
>
> I also suspect this is a grub2 issue. Perhaps, you may want to file a
> bug report [against grub2] at http://bugs.centos.org so that this can
> be followed properly.
Yeah, I just figured out how to query the signature of the new and
previous grub image. The new one is signed with "Red Hat Test Certificate"
[root at vagrant ~]# pesign --show-signature --in
/var/tmp/grub2-16/boot/efi/EFI/centos/grubx64.efi
---------------------------------------------
certificate address is 0x7fb81b3cb808
Content was not encrypted.
Content is detached; signature cannot be verified.
The signer's common name is Red Hat Inc.
No signer email address.
Signing time: Thu Mar 26, 2015
There were certs or crls included.
---------------------------------------------
[root at vagrant ~]# pesign --show-signature --in
/var/tmp/grub2-17/boot/efi/EFI/centos/grubx64.efi
---------------------------------------------
certificate address is 0x7fde869bd808
Content was not encrypted.
Content is detached; signature cannot be verified.
The signer's common name is Red Hat Test Certificate
No signer email address.
Signing time: Tue Sep 15, 2015
There were certs or crls included.
---------------------------------------------
More information about the CentOS
mailing list