Skip to content

Instantly share code, notes, and snippets.

@schtobia
Last active Apr 13, 2020
Embed
What would you like to do?
Generate and deploy a key for Secure Boot
#! /bin/bash
openssl req -new -x509 \
-newkey rsa:4096 \
-keyout MOK.priv \
-outform DER \
-out MOK.der \
-days 36500 \
-subj "/CN=$(getent passwd $UID | cut -d: -f 5 | cut -d, -f1)" \
-nodes \
-addext "extendedKeyUsage=codeSigning,1.3.6.1.4.1.311.10.3.6,1.3.6.1.4.1.2312.16.1.2"
mokutil --import MOK.der
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment