Jump to content

How to Sign UEFI without rebooting?


Go to solution Solved by Marcos,

Recommended Posts

Secure Boot is enabled on VMware, and the OS is Oracle Linux. I installed ESET Server Security for Linux, but since Secure Boot is enabled, the kernel module must be signed. However, signing the kernel module requires a reboot. Is there any way to sign the kernel module without rebooting? The server is currently in operation, so rebooting is not an option. Even a workaround would be helpful in this situation.

Link to comment
Share on other sites

  • Administrators
  • Solution

Secure Boot is a security feature of the operating system that allows only signed kernel modules to load. A kernel module is signed for a particular loaded kernel, one version of the kernel at a time. Once you update the system and the kernel is updated, changing the version of the kernel, it is necessary to sign the kernel module again. This also applies when you have multiple kernels and you load a different kernel during boot.

The only option is to sign the kernel module to load it when Secure Boot is enabled. This is a feature of the operating system, and it is necessary to follow the steps to sign the kernel module. There is no workaround for this procedure.

If the kernel module is not signed and Secure Boot is enabled, it is not possible to load the kernel module, and real-time protection and web access protection will not work. It is necessary to sign the RTP kernel module and the WAP kernel module.

Regarding the reboot, it is part of the procedure, and certificates need to be imported to UEFI; therefore, there is no other option.

This is not a procedure of our product but a feature of the operating system.

 

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...