Download the required public keys to operate Server & Workload Protection with Linux Secure Boot.
Before you can enroll a Secure Boot key, you must first download the TrendAI™ public keys. These public keys are used to validate the kernel module signatures.
The public keys are encoded in DER format. If you have troulbe downloading the files,
right-click the links and select Save Link As.
-
DS2022.der SHA-256 certificate hash:
BB FA 4A B8 3C 61 A0 3F 1D D0 4B A7 A4 51 75 E7 D7 EF D3 C8 4B F3 D9 FE A0 CE AB B9 2A F4 8E 92 -
DS20_V2.der SHA-256 certificate hash:
B3 36 43 7B 12 B3 EB 6A 4E 4A 44 62 40 4F 1F BD 21 32 70 77 4C 33 7D 1C 5A 58 7C 99 83 F7 30 C7
You also must download the intermediate certificate authority (CA) certificates that
are required to validate the signing chain on the TrendAI™ public keys. If Microsoft updates these CA certificates, then you will need to use
the new certificates. The CA certificates are X.509 v3 CRT files encoded in DER format.
-
MicWinProPCA2011_2011-10-19.crt Microsoft Windows Production PCA 2011 SHA-256 certificate hash:
E8 E9 5F 07 33 A5 5E 8B AD 7B E0 A1 41 3E E2 3C 51 FC EA 64 B3 C8 FA 6A 78 69 35 FD DC C7 19 61 -
MicCorUEFCA2011_2011-06-27.crt Microsoft Corporation UEFI CA 2011 SHA-256 certificate hash:
48 E9 9B 99 1F 57 FC 52 F7 61 49 59 9B FF 0A 58 C4 71 54 22 9B 9F 8D 60 3A C4 0D 35 00 24 85 07 -
MicCorKEKCA2011_2011-06-24.crt Microsoft Corporation KEK CA 2011 SHA-256 certificate hash:
A1 11 7F 51 6A 32 CE FC BA 3F 2D 1A CE 10 A8 79 72 FD 6B BE 8F E0 D0 B9 96 E0 9E 65 D8 02 A5 03