Wind River Support Network

HomeDefectsLINCD-643
Not to be fixed

LINCD-643 : Security: Failed to write MokAuth by using mokutil --import shim_cert.cer on specified NUC7(28555)

Created: Dec 18, 2019    Updated: Mar 11, 2020
Resolved Date: Mar 6, 2020
Found In Version: 10.20.3.0, 10.20.6.0
Severity: Standard
Applicable for: Wind River Linux CD
Component/s: Userspace

Description

strace mokutil --import shim_cert.cer execve("/usr/bin/mokutil", ["mokutil", "--import", "shim_cert.cer"], 0x7ffc5ffa6520 /* 20 vars */) = 0 brk(NULL) = 0x558a8cb4a000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 fstat(3, \{st_mode=S_IFREG|0644, st_size=13909, ...}) = 0 mmap(NULL, 13909, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fefd6830000 close(3) = 0 openat(AT_FDCWD, "/usr/lib64/libcrypto.so.1.1", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0`\7\0\0\0\0\0"..., 832) = 832 fstat(3, \{st_mode=S_IFREG|0755, st_size=2843080, ...}) = 0 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fefd682e000 mmap(NULL, 2862656, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fefd6573000 mmap(0x7fefd65e8000, 1601536, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x75000) = 0x7fefd65e8000 mmap(0x7fefd676f000, 581632, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1fc000) = 0x7fefd676f000 mmap(0x7fefd67fd000, 184320, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x289000) = 0x7fefd67fd000 mmap(0x7fefd682a000, 15936, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fefd682a000 close(3) = 0 openat(AT_FDCWD, "/usr/lib64/libefivar.so.1", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240D\0\0\0\0\0\0"..., 832) = 832 fstat(3, \{st_mode=S_IFREG|0755, st_size=162864, ...}) = 0 mmap(NULL, 165760, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fefd654a000 mmap(0x7fefd654e000, 86016, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7fefd654e000 mmap(0x7fefd6563000, 20480, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19000) = 0x7fefd6563000 mmap(0x7fefd6568000, 45056, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1d000) = 0x7fefd6568000 close(3) = 0 openat(AT_FDCWD, "/usr/lib64/libcrypt.so.2", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@ \0\0\0\0\0\0"..., 832) = 832 fstat(3, \{st_mode=S_IFREG|0755, st_size=202648, ...}) = 0 mmap(NULL, 238120, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fefd650f000 mmap(0x7fefd6511000, 86016, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fefd6511000 mmap(0x7fefd6526000, 106496, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x7fefd6526000 mmap(0x7fefd6540000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x30000) = 0x7fefd6540000 mmap(0x7fefd6542000, 29224, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fefd6542000 close(3) = 0 openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360n\2\0\0\0\0\0"..., 832) = 832 fstat(3, \{st_mode=S_IFREG|0755, st_size=1806504, ...}) = 0 mmap(NULL, 1819576, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fefd6352000 mmap(0x7fefd6377000, 1323008, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x25000) = 0x7fefd6377000 mmap(0x7fefd64ba000, 307200, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x168000) = 0x7fefd64ba000 mmap(0x7fefd6505000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b2000) = 0x7fefd6505000 mmap(0x7fefd650b000, 13240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fefd650b000 close(3) = 0 openat(AT_FDCWD, "/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \21\0\0\0\0\0\0"..., 832) = 832 fstat(3, \{st_mode=S_IFREG|0755, st_size=14360, ...}) = 0 mmap(NULL, 16528, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fefd634d000 mmap(0x7fefd634e000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7fefd634e000 mmap(0x7fefd634f000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fefd634f000 mmap(0x7fefd6350000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fefd6350000 close(3) = 0 openat(AT_FDCWD, "/lib64/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 |\0\0\0\0\0\0"..., 832) = 832 fstat(3, \{st_mode=S_IFREG|0755, st_size=113296, ...}) = 0 mmap(NULL, 131520, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fefd632c000 mmap(0x7fefd6333000, 61440, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7fefd6333000 mmap(0x7fefd6342000, 20480, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7fefd6342000 mmap(0x7fefd6347000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a000) = 0x7fefd6347000 mmap(0x7fefd6349000, 12736, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fefd6349000 close(3) = 0 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fefd632a000 mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fefd6327000 arch_prctl(ARCH_SET_FS, 0x7fefd6327740) = 0 mprotect(0x7fefd6505000, 12288, PROT_READ) = 0 mprotect(0x7fefd6347000, 4096, PROT_READ) = 0 mprotect(0x7fefd6350000, 4096, PROT_READ) = 0 mprotect(0x7fefd6540000, 4096, PROT_READ) = 0 mprotect(0x7fefd6568000, 4096, PROT_READ) = 0 mprotect(0x7fefd67fd000, 176128, PROT_READ) = 0 mprotect(0x558a8cb48000, 4096, PROT_READ) = 0 mprotect(0x7fefd685c000, 4096, PROT_READ) = 0 munmap(0x7fefd6830000, 13909) = 0 set_tid_address(0x7fefd6327a10) = 1188 set_robust_list(0x7fefd6327a20, 24) = 0 rt_sigaction(SIGRTMIN, \{sa_handler=0x7fefd63336a0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fefd633fc70}, NULL, 8) = 0 rt_sigaction(SIGRT_1, \{sa_handler=0x7fefd6333740, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fefd633fc70}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, \{rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 access("/sys/firmware/efi/efivars/", F_OK) = 0 statfs("/sys/firmware/efi/efivars/", \{f_type=SYSFS_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_RELATIME}) = 0 brk(NULL) = 0x558a8cb4a000 brk(0x558a8cb6b000) = 0x558a8cb6b000 openat(AT_FDCWD, "/sys/firmware/efi/vars/", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, \{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 getdents64(3, /* 195 entries */, 32768) = 15664 openat(3, "dump-type0-13-2-1558517245-C-cfc8fc79-be2e-4ddc-97f0-9f98bfe298a0/raw_var", O_RDONLY) = 4 read(4, "d\0u\0m\0p\0-\0t\0y\0p\0e\0000\0-\0001\0003\0-\0002\0-\0"..., 4096) = 2084 read(4, "", 4096) = 0 close(4) = 0 close(3) = 0 access("/sys/firmware/efi/vars/new_var", F_OK) = 0 geteuid() = 0 openat(AT_FDCWD, "/sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/raw_var", O_RDONLY) = 3 nanosleep(\{tv_sec=0, tv_nsec=0}, NULL) = 0 read(3, "S\0e\0c\0u\0r\0e\0B\0o\0o\0t\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 2084 read(3, "", 2012) = 0 close(3) = 0 stat("shim_cert.cer", \{st_mode=S_IFREG|0644, st_size=781, ...}) = 0 geteuid() = 0 openat(AT_FDCWD, "/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810dd8b23/raw_var", O_RDONLY) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "shim_cert.cer", O_RDONLY) = 3 read(3, "0\202\3\t0\202\1\361\240\3\2\1\2\2\t\0\273hq\7\3209[\2200\r\6\t*\206H\206"..., 781) = 781 futex(0x7fefd682c698, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x7fefd682c68c, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x7fefd682c684, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x7fefd682c544, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x7fefd682c4dc, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x7fefd682c4d0, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x7fefd682c67c, FUTEX_WAKE_PRIVATE, 2147483647) = 0 geteuid() = 0 openat(AT_FDCWD, "/sys/firmware/efi/vars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c/raw_var", O_RDONLY) = 4 nanosleep(\{tv_sec=0, tv_nsec=0}, NULL) = 0 read(4, "P\0K\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 2084 read(4, "", 2012) = 0 close(4) = 0 geteuid() = 0 openat(AT_FDCWD, "/sys/firmware/efi/vars/KEK-8be4df61-93ca-11d2-aa0d-00e098032b8c/raw_var", O_RDONLY) = 4 nanosleep(\{tv_sec=0, tv_nsec=0}, NULL) = 0 read(4, "K\0E\0K\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 2084 read(4, "", 2012) = 0 close(4) = 0 geteuid() = 0 openat(AT_FDCWD, "/sys/firmware/efi/vars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f/raw_var", O_RDONLY) = 4 nanosleep(\{tv_sec=0, tv_nsec=0}, NULL) = 0 read(4, "d\0b\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 2084 read(4, "", 2012) = 0 close(4) = 0 geteuid() = 0 openat(AT_FDCWD, "/sys/firmware/efi/vars/MokListRT-605dab50-e046-4300-abb6-3dd810dd8b23/raw_var", O_RDONLY) = 4 nanosleep(\{tv_sec=0, tv_nsec=0}, NULL) = 0 read(4, "M\0o\0k\0L\0i\0s\0t\0R\0T\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 2084 read(4, "", 2012) = 0 close(4) = 0 geteuid() = 0 openat(AT_FDCWD, "/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810dd8b23/raw_var", O_RDONLY) = -1 ENOENT (No such file or directory) close(3) = 0 fstat(1, \{st_mode=S_IFCHR|0600, st_rdev=makedev(0x4, 0x40), ...}) = 0 ioctl(1, TCGETS, \{B115200 opost isig icanon echo ...}) = 0 ioctl(0, TCGETS, \{B115200 opost isig icanon echo ...}) = 0 ioctl(0, TCGETS, \{B115200 opost isig icanon echo ...}) = 0 ioctl(0, SNDCTL_TMR_CONTINUE or TCSETSF, \{B115200 opost isig icanon -echo ...}) = 0 fstat(0, \{st_mode=S_IFCHR|0600, st_rdev=makedev(0x4, 0x40), ...}) = 0 ioctl(0, TCGETS, \{B115200 opost isig icanon -echo ...}) = 0 write(1, "input password: ", 16input password: ) = 16 read(0, "1\n", 4096) = 2 ioctl(0, SNDCTL_TMR_CONTINUE or TCSETSF, \{B115200 opost isig icanon echo ...}) = 0 write(1, "\n", 1 ) = 1 ioctl(0, TCGETS, \{B115200 opost isig icanon echo ...}) = 0 ioctl(0, TCGETS, \{B115200 opost isig icanon echo ...}) = 0 ioctl(0, SNDCTL_TMR_CONTINUE or TCSETSF, \{B115200 opost isig icanon -echo ...}) = 0 write(1, "input password again: ", 22input password again: ) = 22 read(0, "1\n", 4096) = 2 ioctl(0, SNDCTL_TMR_CONTINUE or TCSETSF, \{B115200 opost isig icanon echo ...}) = 0 write(1, "\n", 1 ) = 1 getpid() = 1188 getpid() = 1188 access("/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810dd8b23/data", F_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/sys/firmware/efi/vars/new_var", O_WRONLY) = 3 write(3, "M\0o\0k\0N\0e\0w\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 2084) = 2084 umask(000) = 022 umask(022) = 000 chmod("/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810d/", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810d/attributes", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810d/data", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810d/guid", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810d/raw_var", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810d/size", 0600) = -1 ENOENT (No such file or directory) close(3) = 0 access("/sys/firmware/efi/vars/MokAuth-605dab50-e046-4300-abb6-3dd810dd8b23/data", F_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/sys/firmware/efi/vars/new_var", O_WRONLY) = 3 write(3, "M\0o\0k\0A\0u\0t\0h\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 2084) = -1 ENOSPC (No space left on device) umask(000) = 022 umask(022) = 000 chmod("/sys/firmware/efi/vars/MokAuth-605dab50-e046-4300-abb6-3dd810d/", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokAuth-605dab50-e046-4300-abb6-3dd810d/attributes", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokAuth-605dab50-e046-4300-abb6-3dd810d/data", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokAuth-605dab50-e046-4300-abb6-3dd810d/guid", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokAuth-605dab50-e046-4300-abb6-3dd810d/raw_var", 0600) = -1 ENOENT (No such file or directory) chmod("/sys/firmware/efi/vars/MokAuth-605dab50-e046-4300-abb6-3dd810d/size", 0600) = -1 ENOENT (No such file or directory) close(3) = 0 write(2, "Failed to write MokAuth\n", 24Failed to write MokAuth ) = 24 openat(AT_FDCWD, "/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810dd8b23/size", O_RDONLY) = 3 read(3, "0x339\n", 4096) = 6 read(3, "", 4090) = 0 close(3) = 0 openat(AT_FDCWD, "/sys/firmware/efi/vars/MokNew-605dab50-e046-4300-abb6-3dd810dd8b23/raw_var", O_RDONLY) = 3 read(3, "M\0o\0k\0N\0e\0w\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 2084 read(3, "", 2012) = 0 close(3) = 0 openat(AT_FDCWD, "/sys/firmware/efi/vars/del_var", O_WRONLY) = 3 write(3, "M\0o\0k\0N\0e\0w\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 2084) = 2084 close(3) = 0 exit_group(-1) = ? +++ exited with 255 +++

Steps to Reproduce

By now, only found it on 28555 target:


TEST_STEP
/lpg-build/cdc/fast_prod/WRLINUX_MASTER_WR/MASTER_WR_GIT/wrlinux-10/setup.sh --machines=intel-x86-64 --distros=wrlinux --dl-layers --templates feature/ima feature/efi-secure-boot feature/encrypted-storage --accept-eula=yes 
. ./oe-init-build-env build 
bitbake-layers add-layer /net/pek-lpgtest15/buildarea1/jhu2/wrlinux_cd/testcases/wr-testing/bts-dev
echo require templates/feature/bts/template.conf >> conf/local.conf 
echo PREFERRED_PROVIDER_virtual/kernel = "linux-yocto" >> conf/local.conf 
bitbake  wrlinux-image-std
 
In conf/local.conf :
#jhu2 append as below:
require templates/feature/bts/template.conf
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto"
BB_NUMBER_THREADS ?= "24"
PARALLEL_MAKE ?= "-j 24"
IMAGE_ROOTFS_EXTRA_SPACE = "1024000"
ACTIVE_PLAN = "customized_test_plan.ini"
 
root@intel-x86-64:/opt/wr-test# cat /etc/keys/shim_cert.crt
-----BEGIN CERTIFICATE-----
MIIDCTCCAfGgAwIBAgIJALtocQfQOVuQMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV
BAMMEFNoaW0gQ2VydGlmaWNhdGUwHhcNMTgwOTI4MDczMzE0WhcNMjgwOTI1MDcz
MzE0WjAbMRkwFwYDVQQDDBBTaGltIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAyg7sQbCJZbZUfttNQ15aSmLXlCCEJDBWGpu3dz5n
eAk2ybDfrR3TdkYgBnn+Mzu0Np3uQJsHD5SnQgS1vQbMBAwhd9cDQ6ZZdsIt3IGn
yHePMg09hXGfVR1Ik3yGMOiMh7pIQJpW1KXPMTHB/0QgA7XYxUtM5nAoSf8oVm3z
mRSSw/zrKk3NFwZxKFs5hGtzebLjlVJsWAOz3e9+9DHfe85K6A4Z1nw8IJklYYyN
7yZjR3YUOBfux0IMxFiQg+xeHbrKwDOark6u5ew5pw3qjLRktkYbFuV05g212CLd
iaxeflplYAo4pv7qmjjF7WjF/OTBBsL2DXHq9/l49Z/bvQIDAQABo1AwTjAdBgNV
HQ4EFgQU8xmX+ggCbC2vgTnovMTHKe8GKpkwHwYDVR0jBBgwFoAU8xmX+ggCbC2v
gTnovMTHKe8GKpkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAEKE6
UwrC3TLJITOCSqIZ3isuAXVejP2Lqw83Z070XqVafa6JOmdBaS+pgQCFKzbNlt/x
PbfRiaDWJLn68BqXz9X+duZPK1AKRRom7sMQGFPSgqUqJUKuBDuOPMQype3Z7BpM
DemfKpvO+YZfbmWgd7JTm/eZtm/u9EQFL7MipyPeSiG8nAZSwXDAfZjDl5316XgS
qRUZ/eO8kQa1V8Q5zTqtADIqQNn7rUSM61JHsBNrobLr8NzflnEpGDOqxOkJTP4l
M5PrAyDP7w+ATTC0lQde/9Z26fsyeH+AUnp1Kv0tA4qgrabjzFDtv4ETu230T285
HGMGoxi+gE5uYW7ZdQ==
-----END CERTIFICATE-----

openssl x509 -in /etc/keys/shim_cert.crt -inform PEM -out shim_cert.cer -outform DER
mokutil --import shim_cert.cer
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube