Adding keys to MOK database for loading unsigned kernel modules in OpenShift Container Platform with SecureBoot enabled

Solution Verified - Updated -

Issue

  • Kernel module fails to load due to Secure Boot being enabled and the module not being correctly signed.
  • Need to add a new key to the MOK database in Red Hat CoreOS.
  • Enroll the new key through the MOK Manager UI in Google Cloud Platform (GCP).
  • Unable to load and consume 3rd party kernel modules due to this issue.

Environment

  • Red Hat OpenShift Container Platform 4.12+
  • Google Cloud Platform (GCP) or any environment where Secure Boot is enabled

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content