> In the default configuration, iPXE trusts only a single root certificate: > > the "iPXE root CA" certificate <https://ipxe.org/_media/certs/ca.crt>. > > This root certificate is used to cross-sign the standard Mozilla list of > > public CA certificates > > <http://mxr.mozilla.org/comm-central/source/mozilla/security/nss/lib/ckfw/builtins/certdata.txt> > > . > > > Do I need to download the iPXE root ca and compile it in? If so how? >
Hi, you can check out[1] to see how TRUST and CERT is used in a makefile in the Arch Linux case. I'm not sure if this is the "blessed" way of doing it but it is the one that seems to work. Cheers! -Santiago [1] https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=ipxe-netboot
signature.asc
Description: PGP signature
_______________________________________________ ipxe-devel mailing list ipxe-devel@lists.ipxe.org https://lists.ipxe.org/mailman/listinfo/ipxe-devel