Forum Stats

  • 3,816,616 Users
  • 2,259,214 Discussions
  • 7,893,519 Comments

Discussions

Unable to import certificate on OL8.5 UEK6 server running in VMWare

jtaylor_75
jtaylor_75 Member Posts: 3 Red Ribbon

Having an issue importing a cert using mokutil on a OL8.5 UEK6 instance (kernel 5.4.17-2136.305.5.3.el8uek.x86_6) running in VMWare ESXi, 7.0.2, 17867351.

We run

# sudo mokutil --import <cert file>

# Reboot

Mokutil import utility starts, cert appears to import. After reboot cert shows when running 'mokutil --list-enrolled' but does not show as being loaded in dmesg log or in /proc/keys.

We have a virtually identical instance running on Hyper-V, same kernel and all, that is not having this issue. We are able to import the cert on the instance running in Hyper-V and it shows in /proc/keys. Thinking the issue may be specific to VMWare, but we're not sure how? We have tried with secure boot off and on and still have the same issue. This is a public code signing cert for CrowdStrike Falcon Endpoint Protection that we are trying to import. We're reaching out to vendors as well but so far no one has had a solution. Thought I would try here to see if anyone else has seen this?

Answers