Skip to content

Instantly share code, notes, and snippets.

Last active Apr 13, 2020
What would you like to do?
Generate and deploy a key for Secure Boot
#! /bin/bash
openssl req -new -x509 \
-newkey rsa:4096 \
-keyout MOK.priv \
-outform DER \
-out MOK.der \
-days 36500 \
-subj "/CN=$(getent passwd $UID | cut -d: -f 5 | cut -d, -f1)" \
-nodes \
-addext "extendedKeyUsage=codeSigning,,"
mokutil --import MOK.der
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment