[CentOS] signing modules

Mon Mar 16 17:18:15 UTC 2020
Phil Perry <pperry at elrepo.org>

On 16/03/2020 16:42, Jerry Geis wrote:
>> You need to turn off secure booting - you can still boot using UEFI,
>> but if secure booting is turned on the kernel doesn't allow unsigned
>> modules.
> Thanks - so is that command line to run ? Config file to edit ?
> I ran mokutil --disable-verification and rebooted
> I dont desire that MOK management screen to show - how do you get rid of
> that ?
> After rebooting my module still does not load.

Rather than disabling a security feature, why don't you generate a 
Secure Boot signing key and sign your module?

Please see the RHEL documentation here:


Elrepo has a guide here on how to import your Secure Boot signing key 
once you have signed your module: