mirror of
https://github.com/ipxe/ipxe
synced 2026-05-16 15:00:48 +03:00
Michael Brown
93fc2123c3
Include the relevant CA certificate in the UEFI Secure Boot build artifacts. This allows for easy identification of test-signed builds without having to extract the certificate from the signed binary. This also eases the process of adding the ephemeral test-signing certificate to the UEFI trusted certificate list, if a user wants to test a non-release build with Secure Boot enabled. (The corresponding private key is deliberately not preserved, to minimise the attack surface that this would otherwise open up on the user's system.) Include the commit hash and build architecture within the ephemeral test-signing certificate's subject name, to make it obvious that the scope is limited to signing only that single build. Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE README File Quick start guide: cd src make For any more detailed instructions, see http://ipxe.org