Am 30.07.20 um 15:10 schrieb Marcus Meissner:
(......) will stay unchanged?
Yes, the openSUSE Secure Boot CA will stay unchanged.
Is the new key available for download somewhere? I have my own set of PK/KEK and import such keys usually manually.
We still need to generate the new key, we need to wait until the fixed grub2 has been checked into openSUSE:Factory first to avoid having it signed by the new key.
I will send it as reply as soon as its available.
Out of curiousity, what toolchain do you use to create/handle secure boot keys? sbsigntools and efitools have never been part of any official SUSE repo. Lucky, the author of these tools has his own repo. My dear, you use M$ Windoze to handle secure boot keys, right? best regards -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org