SuperServer 6029TP-HTR/HC0R/HC1R User's Manual
Secure Boot
When you select this submenu and press the <Enter> key, the following items will display:
•
System Mode
•
Secure Boot
•
Vendor Keys
Secure Boot
If this feature is set to Enabled, Secure Boot will be activated when a Platform Key (PK) is
entered. A Platform Key is a security key used to manage the security settings of the platform
firmware used in your system. The options are Enabled and Disabled.
Secure Boot Mode
Use this feature to select the desired secure boot mode for the system. The options are
Standard and Custom.
CMS Support
Select Enbabled for CMS support to enhance system performance. The options are Enabled
and Disabled.
Key Management
Provision Factory Default Keys
Select Enabled to install all manufacturer default keys to configure the following system
security settings. The options are Enabled and Disabled.
Enroll All Factor Defaults
Select Yes to install all manufacturer defaults to configure the following system security
settings. The options are Yes and No.
Enroll EFI Image
Select this item and press <Enter> to select an EFI (Extensible Firmware Interface) image
for the system to operate in Secure Boot mode.
Save All Secure Boot Variables
This feature allows the user to set and save the secure boot key variables specified by the
user.
104
Platform Key (PK)
This feature allows the user to enter and configure a set of values to be used as a platform
firmware key for the system. This set of values also indicate the size, the keys numbers,
and the key source of the Platform Key. The options are Save to File, Set New, and Erase.
Key Exchange Keys
This feature allows the user to enter and configure a set of values to be used as a Key-
Exchange-Keys for the system. This set of values also indicate the size, the keys numbers,
and the key source of the Key-Exchange-Keys. The options are Save to File, Set New, and
Erase.
Authorized Signatures
This feature allows the user to enter and configure a set of values to be used as Authorized
Signatures for the system. These values also indicate the size, the keys numbers, and the
key source of the Authorized Signatures. The options are Set New and Append.
Secure Boot Variable/Size/Key#/Key Sources The options are Save to File, Set New, and
Erase.
Forbidden Signatures
This feature allows the user to enter and configure a set of values to be used as Forbidden
Signatures for the system. These values also indicate the size, the keys numbers, and the
key source of the Forbidden Signatures. The options are Save to File, Set New, and Erase.
Authorized TimeStamps
This feature allows the user to set and save the timestamps for Authorized Signatures to
indicate when these signatures were entered into the system. The options are Save to File,
Set New, and Erase.
OsRecovery Signatures
This feature allows the user to set and save the Authorized Signatures used for OS recovery.
The options are Save to File, Set New, and Erase.
105
Chapter 4: BIOS