Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC9 - 3.0x Series
71727374757677787980
PK X.509 Certificate (binary DER
format only)
1. .cer
2. .der
3. .crt
One
KEK
X.509 Certificate (binary DER
format only)
Public Key Store
1. .cer
2. .der
3. .crt
4. .pbk
More than one
DB and DBX
X.509 Certificate (binary DER
format only)
EFI image (system BIOS will
calculate and import image
digest)
1.
.cer
2. .der
3. .crt
4. .efi
More than one
The Secure Boot Settings feature can be accessed by clicking System Security under System BIOS Settings. To go to System BIOS
Settings, press F2 when the company logo is displayed during POST.
By default, Secure Boot is in the Disabled mode and the Secure Boot policy is set to Standard. If the Secure Boot needs to be
activated, the Secure Boot must be configured as Enabled.
When the Secure Boot mode is set to Standard, it indicates that the system has default certificates and image digests or hash loaded
from the factory. These caters to the security of standard firmware, drivers, option-roms, and boot loaders.
In case a new driver or firmware has to be supported on the server then the respective certificate must be enrolled into the DB of
Secure Boot certificate store. Therefore, Secure Boot Policy must be configured to Custom.
When the Secure Boot Policy is configured as Custom, it inherits the standard certificates and image digests loaded in the system by
default, on which, you can make any modifications as necessary. Secure Boot Policy configured as Custom allows you to perform
operations such as View, Export, Import, Delete, Delete All, Reset, and Reset All, by using which, you can configure the Secure Boot
Policies according to your requirements.
Configuring the Secure Boot Policy to Custom enables the options to manage the certificate store by using various actions such as
Export, Import, Delete, Delete All, Reset, and Rest All on PK, KEK, DB, and DBX. You can select the policy (PK / KEK / DB / DBX) on
which you want to make the change and perform appropriate actions by clicking the respective link. Each section will have links to perform
the Import, Export, Delete, and Reset operations. Links are enabled based on what is applicable, which depends on the configuration at the
point of time. Delete All and Reset All are the operations that have impact on all the policies. Delete All deletes all the certificates and
image digests in the Custom policy, and Rest All restores all the certificates and image digests from Standard or Default certificate store.
76
Setting up managed system