http://bugzilla.opensuse.org/show_bug.cgi?id=1173158
http://bugzilla.opensuse.org/show_bug.cgi?id=1173158#c134
--- Comment #134 from Tripple Moon
Then try mokutil with it:
# mokutil --import cert.der --root-pw Thanks for the help effort, i might as well try it on this Tumbleweed install im writing from and show results. I still had a DER encoded certificate that was used in my Kubuntu setup before my switch to suse. This certificate was *successfully* used to automatically sign kernel modules on that system while i was still running Kubuntu. It is no longer enrolled on my system, but can be when needed from my backup.
mokutil --import MOK.der --root-pw; echo $? Failed to enroll new keys 255 openssl x509 -text -noout -inform der -in MOK.der Certificate: Data: Version: 3 (0x2) Serial Number: 20:20:07:07:08:09:46:5f:04:2d:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN = Secure Boot Module Signature key (OEM-MOK), O = TriMoon Inc., OU = Certs Validity Not Before: Jul 7 08:09:46 2020 GMT Not After : Jul 7 08:09:46 2050 GMT Subject: CN = Secure Boot Module Signature key (OEM-MOK), O = TriMoon Inc., OU = Certs Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: XXXXXX Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:43:DC:5C:FF:86:D6:18:4B:AE:7B:25:48:0A:A9:1B:57:84:C6:D9 X509v3 Authority Key Identifier: keyid:7B:43:DC:5C:FF:86:D6:18:4B:AE:7B:25:48:0A:A9:1B:57:84:C6:D9
X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: Code Signing, 1.3.6.1.4.1.2312.16.1.2 Netscape Comment: OpenSSL Generated Certificate Signature Algorithm: sha256WithRSAEncryption XXXXXX
mokutil --list-new nothing shown...
-- You are receiving this mail because: You are the assignee for the bug.