.. avv1595963682527 .. _uefi-secure-boot: ================ UEFI Secure Boot ================ Secure Boot is a technology where the system firmware checks that the system boot loader is signed with a cryptographic key authorized by a configured database of certificate\(s\) contained in the firmware or a security device. It is used to secure various boot stages. |prod|'s implementation of Secure Boot also validates the signature of the second-stage boot loader, the kernel, and kernel modules. Operational complexity: .. _uefi-secure-boot-ul-cfz-cvf-mmb: - For each node that is going to use secure boot, you must populate the |prod| public certificate \(with public key\) in the |UEFI| Secure Boot authorized database in accordance with the board manufacturer's process. - You may need to work with your hardware vendor to have the certificate installed. - This must be done for each node before starting the installation. For more information, see the section :ref:`UEFI Secure Boot `.