Once upon a time, Udo Seidel <[email protected]> said: > I was trying to use it on KVM guests on a AArch64 host. So it was > the AAVMF package providing the firmware. Thas the famouse > "Microsoft Corporation Third Party Marketplace Root" key. Do you > need more information?
My point is that if there's no hardware shipping with that cert, and especially if that's not what MS considers the intended use of that cert (because at one point their rules were different between x86_64 and AArch64), they may not sign any code for that use. Even if Fedora did have the setup for signing the AArch64 pieces, MS may not sign shim. If you need Secure Boot in your VMs, you'll probably have to add your own cert and do the signing yourself. -- Chris Adams <[email protected]> -- _______________________________________________ arm mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
