Can you provide instructions for installing custom secure boot keys (PK, KEK, db)? I have checked the user guide and TPS, as well as tried via the BIOS interface. I can clear the existing keys, but it's not obvious how to load my keys. Perhaps I place them on a USB drive with specific filenames?
Good question! The BIOS Glossary talks about a selection that is used for reading the information from a file, but I am not seeing this selection exposed by any of the NUCs.
I would recommend that you review the following documentation:
I am also attaching the "Signing UEFI Applications and Drivers for UEFI Secure Boot" white paper for your reference.
We provide the hardware needed for this implementation but this is more on the software/Operating System side (OEM/Microsoft*)
I hope this helps,
Hi Ronny, thanks for the reply. Sorry, but this is not what I'm asking. I am asking for specific instructions for loading custom secure boot keys into the NUC. You can use NUC8i7HVB as a proxy for the model number since I use many NUCs. Clearly the NUC BIOS intends to support this ability, but I have no idea how to actually load my custom PK, KEK, and db into the NUC.
Thanks for the help,
I just chatted with Chris V. about this request and my understanding is that he is also working with you so we will contact you back as soon as possible.