Secure boot

This document is about how to use secure boot with Linux on IBM Z and IBM LinuxONE.

PDF file for secure boot
You can view and print this information in PDF format.
Introduction to secure boot on IBM Z and IBM LinuxONE
Use secure boot to ensure the code that you boot is trustworthy.
Using secure boot on Linux on IBM Z and IBM LinuxONE
Using secure boot includes finding out if your environment supports it, preparing a boot device, initiating a boot procedure, and verifying that Linux was booted using secure boot.
Managing secure boot certificates
Manage certificates for an LPAR, learn about Linux keyrings, how to enable third-party certificates, how to obtain distributor certificates, and know which certificates are built into the firmware.
Signing boot files and modules with your own key
You can sign Linux boot files and kernel modules with your private keys.
Troubleshooting secure boot
Problems that you can fix include expired certificates, obsolete packages, missing signatures, and unsupported environments.
Where to get more information
Find more information about Linux on IBM Z and IBM LinuxONE.
Conventions used in this publication
A summary of the styles, highlighting, and assumptions used throughout this publication.