Post Reply 
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
shim.efi.signed and iPXE
2016-04-27, 22:46
Post: #1
shim.efi.signed and iPXE
Hello everyone,

I need to load iPXE on computers that have secureboot enabled. Obviously this is an issue because iPXE does not have a purchased cert so it therefor won't authenticate.

What I am trying to do is use shim.efi.signed to boot into iPXE. Shim does have the proper cert and allows me to boot grubx64.efi which can read a standard grub.cfg I can modify.

Right now, I can boot my computer to a grub menu but when I select my programmed menu option I just receive a black screen.

if loadfont /grub/font.pf2 ; then
    set gfxmode=auto
    insmod efi_gop
    insmod efi_uga
    insmod gfxterm
    terminal_output gfxterm

set menu_color_normal=white/black
set menu_color_highlight=black/light-gray

menuentry "Load iPXE" {
    set gfxpayload=keep
    linux /boot/IPXE.KRN

I found similar configs but they all use pxelinux.0 so functions like, KERNEL and APPEND don't apply. My setup is sort of special I guess.

Thanks for reading.
Find all posts by this user
Quote this message in a reply
2016-11-02, 11:26
Post: #2
RE: shim.efi.signed and iPXE
Well, you'll need to use ipxe.efi under UEFI, regardless if signed or not. There is work in progress to get iPXE signed from Microsoft, but we're currently having issues that the signing process requires the use of a Windows-only tool which doesn't work well with our deployment procedure. There are some anecdotal writings about this frustration on
Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 

User(s) browsing this thread: 1 Guest(s)