2dc1e51593
Cc: Guo Dong <guo.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Maurice Ma <maurice.ma@intel.com> Cc: Benjamin You <benjamin.you@intel.com> Signed-off-by: Sean Rhodes <sean@starlabs.systems> Change-Id: I4f44e29bc967b7d2208193e21aeeef8b96afcc69
9 lines
445 B
Plaintext
9 lines
445 B
Plaintext
# PK certificate generation
|
|
|
|
* Do not save private key for re-usage.
|
|
* Generate a RSA 2048 / SHA256 x509 certificate
|
|
* Exponent should be 65537
|
|
* Microsoft certificates can be found here: https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-secure-boot-key-creation-and-management-guidance
|
|
|
|
openssl req -outform DER -newkey rsa:2048 -keyout /dev/null -passout file:<(head -c 40 /dev/urandom) -x509 -days 365 -out pk.crt
|