systemd-sbsign(1) — Linux manual page

SYSTEMD-SBSIGN(1)             systemd-sbsign            SYSTEMD-SBSIGN(1)

NAME

       systemd-sbsign - Sign PE binaries for EFI Secure Boot

SYNOPSIS

       systemd-sbsign [OPTIONS...] {COMMAND}

DESCRIPTION

       systemd-sbsign can be used to sign PE binaries for EFI Secure
       Boot.

COMMANDS

       sign
           Signs the given PE binary for EFI Secure Boot. Takes a path to
           a PE binary as its argument. If the PE binary already has a
           certificate table, the new signature will be added to it.
           Otherwise, a new certificate table will be created. The signed
           PE binary will be written to the path specified with
           --output=.

           Added in version 257.

OPTIONS

       The following options are understood:

       --output=PATH
           Specifies the path where to write the signed PE binary.

           Added in version 257.

       --private-key=PATH/URI, --private-key-source=TYPE[:NAME],
       --certificate=PATH, --certificate-source=TYPE[:NAME]
           Set the Secure Boot private key and certificate for use with
           the sign command. The --certificate= option takes a path to a
           PEM encoded X.509 certificate or a URI that's passed to the
           OpenSSL provider configured with --certificate-source=. The
           --certificate-source= option takes one of "file" or
           "provider", with the latter being followed by a specific
           provider identifier, separated with a colon, e.g.
           "provider:pkcs11". The --private-key= option can take a path
           or a URI that will be passed to the OpenSSL engine or
           provider, as specified by --private-key-source= as a
           "type:name" tuple, such as "engine:pkcs11". The specified
           OpenSSL signing engine or provider will be used to sign the PE
           binary.

           Added in version 257.

       -h, --help
           Print a short help text and exit.

       --version
           Print a short version string and exit.
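
       The following wrapper is an added example, not part of the
       original manual page or the systemd project. It picks the
       --private-key-source= value from the key argument and refuses key
       files readable by group or others; the function names, the
       SBSIGN_DRY_RUN variable and all paths or PKCS#11 URIs passed in
       are assumptions.

```shell
#!/bin/sh
# Added example, not systemd project code. Only options documented on this
# page are used; paths and PKCS#11 URIs supplied by the caller are placeholders.

# key_source KEY: choose the --private-key-source= value for a key argument.
# A "pkcs11:" URI (RFC 7512) is handed to the OpenSSL pkcs11 provider;
# anything else is treated as a path to a key file.
key_source() {
    case "$1" in
        pkcs11:*) echo "provider:pkcs11" ;;
        *)        echo "file" ;;
    esac
}

# key_file_ok PATH: succeed only if PATH is a regular file that is not
# readable by group or others. This is a local hygiene check made by this
# wrapper, not something systemd-sbsign itself is documented to do.
key_file_ok() {
    [ -f "$1" ] || return 1
    [ -z "$(find "$1" -prune \( -perm -040 -o -perm -004 \) -print)" ]
}

# sbsign_pe KEY CERT INPUT OUTPUT: sign INPUT and write the result to OUTPUT.
# With SBSIGN_DRY_RUN=1 the command line is printed instead of executed.
sbsign_pe() {
    key=$1 cert=$2 input=$3 output=$4
    src=$(key_source "$key")
    if [ "$src" = "file" ] && ! key_file_ok "$key"; then
        echo "refusing key file $key: missing or readable by group/others" >&2
        return 1
    fi
    # Certificate is read from a PEM file here (--certificate-source=file).
    set -- systemd-sbsign \
        --private-key="$key" --private-key-source="$src" \
        --certificate="$cert" --certificate-source=file \
        --output="$output" sign "$input"
    if [ "${SBSIGN_DRY_RUN:-0}" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}
```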

SEE ALSO

       bootctl(1)

COLOPHON

       This page is part of the systemd (systemd system and service
       manager) project.  Information about the project can be found at
       ⟨http://www.freedesktop.org/wiki/Software/systemd⟩.  If you have a
       bug report for this manual page, see
       ⟨http://www.freedesktop.org/wiki/Software/systemd/#bugreports⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/systemd/systemd.git⟩ on 2025-02-02.  (At that
       time, the date of the most recent commit that was found in the
       repository was 2025-02-02.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there is
       a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       man-pages@man7.org

systemd 258~devel                                       SYSTEMD-SBSIGN(1)