To create a new MOK key to use for signing, then run the appropriate kmodsign command to sign your kernel module. To make this simple, you can use the command: You may also opt to sign modules yourself. To re-enable Secure Boot validation in shim, simply run sudo mokutil -enable-validation. Press Enter key to finish the whole procedure. Select Yes to disable Secure Boot in shim-signed.
Method 1 - Install the DKMS package you need There are several methods to configure your system to properly load DKMS modules with Secure Boot enabled. In order to make DKMS work, Secure Boot signing keys for the system must be imported in the system firmware, otherwise Secure Boot needs to be disabled. You can read more details in this bug in Launchpad.īecause of those changes, DKMS modules will not work on systems with Secure Boot enabled unless correctly configured. DKMS modules need to be configured to work with UEFI Secure Boot