SCIENTIFIC-LINUX-ERRATA Archives

August 2020

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Updating Scientific Linux 7 Secure Boot key
From:
Patrick Riehecky <[log in to unmask]>
Reply To:
Patrick Riehecky <[log in to unmask]>
Date:
Fri, 21 Aug 2020 18:17:26 +0000
Content-Type:
multipart/mixed
Parts/Attachments:
text/plain (3256 bytes) , SECURE-BOOT-KEY-fnal-sl7-exp-2023-09-27.der (1545 bytes) 
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



Attention all Scientific Linux users of Secure Boot:



A new SECURE BOOT key for Scientific Linux 7 will be used starting

August 26 2020.  The existing key expires on the same day.



The new key is published at



http://ftp.scientificlinux.org/linux/scientific/7x/x86_64/os/SECURE-BOOT-KEY-fnal-sl7-exp-2023-09-27



in DER format[2].



A new grub2, shim, fwupd, and kernel will be issued along with the

first errata requiring this key.



For more information on Scientific Linux 7 and Secure Boot please

review our release notes[1].



UEFI SECURE BOOT users should validate the new certificate and load it

at this time[1].



Thanks,



The Scientific Linux Team



[1]

http://ftp.scientificlinux.org/linux/scientific/7x/x86_64/release-notes/#_about_uefi_secure_boot



[2] A PEM formatted version of the certificate is provided here as

well:

- -----BEGIN CERTIFICATE-----

MIIF3jCCBMagAwIBAgIQAkyHL6S+kt/bvsNMzNB9rjANBgkqhkiG9w0BAQsFADBs

MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3

d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBFViBDb2RlIFNpZ25p

bmcgQ0EgKFNIQTIpMB4XDTIwMDgyMTAwMDAwMFoXDTIzMDkyNzEyMDAwMFowgd8x

EzARBgsrBgEEAYI3PAIBAxMCVVMxGjAYBgNVBA8MEUdvdmVybm1lbnQgRW50aXR5

MRowGAYDVQQFExFHb3Zlcm5tZW50IEVudGl0eTELMAkGA1UEBhMCVVMxETAPBgNV

BAgTCElsbGlub2lzMRAwDgYDVQQHEwdCYXRhdmlhMS4wLAYDVQQKEyVGZXJtaSBO

YXRpb25hbCBBY2NlbGVyYXRvciBMYWJvcmF0b3J5MS4wLAYDVQQDEyVGZXJtaSBO

YXRpb25hbCBBY2NlbGVyYXRvciBMYWJvcmF0b3J5MIIBIjANBgkqhkiG9w0BAQEF

AAOCAQ8AMIIBCgKCAQEAoEFaNBWGiocZ84lCRkcOJedpNwnY6wRRkC4f6D+yZcVn

rJVRdVfgMomX7RG3r+bFXZh3TDgA0snfIHDSDDoXRDKsHmJ5r/UDomK1X5tkso6h

GhNuwNVR/fzNiq8MzomJJK3JW75t6+6sz2mgTUuxL+VyTLIFzMl4gUL1b7H5/c8T

AtaY76NgzZrpiPXVL0BeR/Qm3+KkP21zbBpwdT3pBY88E3TOLVMxUJyjD78ENLPj

O4kzlPVjYCywqmIs1KXDMpcToZexm84EuLFY9r9Pn8UJa8RtKSIh8J9q8CaeN6uY

HYMb6LspvrvZuJmw2cKWazqwD/Cw8QkNim0qWbuKaQIDAQABo4ICBjCCAgIwHwYD

VR0jBBgwFoAUj+h+8G0yagAFI8dwl2o6kP9r6tQwHQYDVR0OBBYEFMWhIriHBCEd

zqnfBeRYMaW/OKSDMEMGA1UdEQQ8MDqgOAYIKwYBBQUHCAOgLDAqDChVUy1GRVJN

SSBOQVRJT05BTCBBQ0NFTEVSQVRPUiBMQUJPUkFUT1JZMA4GA1UdDwEB/wQEAwIH

gDATBgNVHSUEDDAKBggrBgEFBQcDAzB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8v

Y3JsMy5kaWdpY2VydC5jb20vRVZDb2RlU2lnbmluZ1NIQTItZzEuY3JsMDegNaAz

hjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRVZDb2RlU2lnbmluZ1NIQTItZzEu

Y3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAMCMCowKAYIKwYBBQUHAgEWHGh0dHBz

Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQMwfgYIKwYBBQUHAQEEcjBw

MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSAYIKwYBBQUH

MAKGPGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEVWQ29kZVNp

Z25pbmdDQS1TSEEyLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IB

AQBw5qkUbY9rDpngiwvSqp9ArNbDFV5mEmgjbwuQsrvHn6YVOxwmCQKhcmrMeUk7

UA+KAbRSbLdU+cdANKXJb7ULckrE7HO/cQkNYp7DXutamr8/KTtmtTa1ykf7XiFx

5E02ZZStBtKRApyCgWVndkYxRFdxuS9iF6SWt3Qcxy+yPkJQbwzhnKBXCQHkLbsx

1S2aKuZe55zqOj3LOxZFrL468dVvhxkhFbHHWjGXJwpmGYfhINTK/Wilvt3zaBAW

Ppc7RmkFb+KbX31pexkHbl9OC9IPxuXQuBAraqDBll7mvmx9CPQn8yKyJkOaNKDo

hwe+cMb58gPKjxydEv8ZvFpf

- -----END CERTIFICATE-----















-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2.0.22 (GNU/Linux)



iEYEARECAAYFAl9ADUAACgkQsLQYPxkqfX3rzACfcUhrZOEeY8mgVxr9nXHjOiVu

ifwAmwQEaMVtgrqF+w/6FVVYbDR1ieoZ

=EpGc

-----END PGP SIGNATURE-----

ATOM RSS1 RSS2