Secure Boot RHEL 7.9 SHIM ISSUE

Comments

I had a problem when implementing UEFI Secure Boot for RHEL 7.9. I Could not get the MokManager after adding a key to the queue, the only way I found was to create an entry at boot level that will directly use the mmx64.efi file.
By default the entry uses the grubx64.efi file. I tried to modify this value and use the shimx64.efi so that it can automatically start the MokManager if needed.
But when I modify it and add this input I get the following result with strings and hexadecimal values
shim's load

BootCurrent: 0004
Timeout: 2 seconds
BootOrder: 0004,0002,0001,0003
Boot0000* OS on hard drive
Red Hat Enterprise Linux    HD(1,GPT,3415e50e-2e43-472b-9466-51747089e22a,0x800,0x64000)/File(\EFI\redhat\grubx64.efi)
Boot0002* test-shimx64.efi  HD(1,GPT,c982fd63-903f-427c-b6fa-1123ecabb42a,0x800,0x64000)/File(\EFI\redhat\shimx64.efi)

/boot/efi/
└── EFI
    ├── BOOT
    │   ├── BOOTX64.EFI
    │   ├── fallback.efi
    │   └── fbx64.efi
    └── redhat
        ├── BOOT.CSV
        ├── BOOTX64.CSV
        ├── fonts
        │   └── unicode.pf2
        ├── grub.cfg
        ├── grubenv
        ├── grubx64.efi
        ├── mmx64.efi
        ├── shim.efi
        ├── shimx64.efi
        └── shimx64-redhat.efi

Started 2021-09-01T08:33:24+00:00 by

ALAIN OUSTRI

Community Member 20 points

Select Your Language

Responses

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Responses

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links