Comment # 115 on bug 1173158 from 
(In reply to Gary Ching-Pang Lin from comment #114)
> (In reply to Tripple Moon from comment #113)
> > (In reply to Martin Wilck from comment #111)
> > > (In reply to Tripple Moon from comment #108)
> > > > Is there any way to revoke this choice, or is it only used by the current
> > > > opensuse-shim?
> > > 
> > > Yes. "mokutil --list-enrolled" shows currently enrolled certificates in the
> > > MoK. "mokutil --delete" will create a MoK request to delete this key. You
> > > have to reboot and enter mokmanager to confirm.
> > 
> > If it is only enrolled in the MokList of the current boot then there is no
> > problem at all.
> > But when i boot into KeyTool from my own boot menu i don't see any key from
> > openSUSE in the MokList, so where is this choice stored?
> > 
> > How does one enter the MokManager at boot time using the openSUSE shim?
> 
> "mokutil --import" will create an EFI variable called MokNew. When shim
> detects the existence of MokNew, it loads MokManager for the further process.

I understand that method all too well, but the problem is that on my machine
"mokutil --import" does not work properly and gives an error.
At least that is what happened while i was using Kubuntu and i had to manually
add the certificate to the MokList using KeyTool.efi from the efitools
package/repo (I compiled on my own machine from sources)

But you still have not answered the last 2 questions in that reply.
1. "so where is this choice stored?" Meaning the choice to accept the opensuse
certificate.
2. "How does one enter the MokManager at boot time using the openSUSE shim?"

You are receiving this mail because: