Hello, GRUB binary doesn't have the cryptos to do the signs verification unlike shim, so the chainload process fails under Secure Boot.
As Valmar said, for the OpenSUSE version of GRUB2, Michael Chang came out with a patch on 2012 that make GRUB rely on shim verification to chainload other binaries: https://build.opensuse.org/package/view_file/openSUSE:Factory/grub2/grub2 -secureboot-chainloader.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1091464 Title: Unable to chainload Windows 8 and 10 with Secure Boot enabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1091464/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs