Wiki Home Server installation Diskless UEFI SECURE BOOT
Diskless UEFI SECURE BOOT
2023-08-12
diskless, boot, client, uefi, secureboot
After CCBooCloud 2023 ver 0812 Secure boot supported (Upgrate server and image)
1. Verify UEFI Compatibility:
Check if your motherboard firmware supports UEFI and Secure Boot for Windows 11. If not, update the motherboard's firmware to the latest version available on the official motherboard website.
If your bios version is very old you must update 1 by 1 the versions from oldest to latest version.
Do not skip this step
2.Access the BIOS settings and navigate to the boot page. (Figure 1)
Figure 1
3.Set secure boot as windows UEFI mode (Figure 2)
Figure 2
4.Prepare a USB drive with the Youngzsoft.cer file. You can download this certificate from the following link: Youngzsoft.cer
5.Next on the secure boot page at KEY management import the Youngzsoft.cer from the usb prepare earlier, in DB Management. (Figure 3)
(*DBX is black list of secure boot key, DO NOT IMPORT ON DBX)
DB Managemnet or Authorized Signatures
( Select append key- Select no to open file from usb - select Youngzsoft.cer - save)
Note:In various motherboard models, the term "DB Managemnet " may be referred to by different names as “Authorized Signatures”.
Figure 3
6.Once you done save the changes of BIOS and go back to create a UEFI boot image
Note: You have to create the image with version 2023 0813 and later of CCbootCloud to work with secure boot
If you are using realtek NIC, you need to download this version nic driver (DON'T use the lastest driver, it's not working) - https://update.youngzsoft.com/icafecloud/update/realtekwin11.zip
7.Once the image is ready on iCafeCloud admin panel in Boot section , edit the client PC and select secureboot in PXE field. (Figure 4)
Figure 4
Images from a different Gigabyte motherboard.
