Asus PRIME Z590-P WIFI Intel 500 series Channel BIOS UM English - Page 54

KEK Management, Save To File, Set New Key, Append Key, Delete key

Get Asus PRIME Z590-P WIFI PDF manuals and user guides View all Asus PRIME Z590-P WIFI manuals
Add to My Manuals
Save this manual to your list of manuals

Page 54 highlights

KEK Management The Key Exchange Keys (KEK) manages the Signature database (db) and Forbidden Signature database (dbx). Key Exchange Keys (KEK) refers to Microsoft Secure Boot Key-Enrollment Key (KEK). Save To File Allows you to save the KEK to a target file system device. Set New Key A popup window will appear if you press . Select [Yes] if you wish to load factory default KEK, or [No] to load KEK from a target file system device. Append Key A popup window will appear if you press . Select [Yes] if you wish to load factory default KEK, or [No] to load additional KEK from a target file system device for an additional db and dbx loaded management. Delete key This item allows you to delete the KEK from NVRAM. Select [Yes] if you wish to delect the variable, or [No] to choose a certificate to be delected from the key database. The KEK file must be formatted as a UEFI variable structure with time-based authenticated variable. DB Management The Authorized Signatures (db) lists the signers or images of UEFI applications, operating system loaders, and UEFI drivers that you can load on the single computer. Save To File Allows you to save the db to a target file system device. Set New Key A popup window will appear if you press . Select [Yes] if you wish to load factory default db, or [No] to load db from a target file system device. Append Key A popup window will appear if you press . Select [Yes] if you wish to load factory default db, or [No] to load additional db from a target file system device for an additional db and dbx loaded management. Delete key Allows you to delete the db from NVRAM. Select [Yes] if you wish to delect the variable, or [No] to choose a certificate to be delected from the key database. The db file must be formatted as a UEFI variable structure with time-based authenticated variable. DBX Management The Forbidden Signature database (dbx) lists the forbidden images of db items that are no longer trusted and cannot be loaded. 54 PRIME / TUF GAMING Intel® 500 Series BIOS Manual

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
54
PRIME / TUF GAMING Intel
®
500 Series BIOS Manual
KEK Management
The Key Exchange Keys (KEK) manages the Signature database (db) and Forbidden
Signature database (dbx).
Key Exchange Keys (KEK) refers to Microsoft Secure Boot Key-Enrollment Key (KEK).
Save To File
Allows you to save the KEK to a
target file system device
.
Set New Key
A popup window will appear if you press <Enter>. Select [Yes] if you wish to load
factory default KEK, or [No] to load KEK from a
target file system device
.
Append Key
A popup window will appear if you press <Enter>. Select [Yes] if you wish to
load factory default KEK, or [No] to load additional KEK from a
target file system
device for an additional db and dbx loaded management.
Delete key
This item allows you to delete the KEK from NVRAM. Select [Yes] if you wish
to delect the variable, or [No] to choose a certificate to be delected from the key
database.
The KEK file must be formatted as a UEFI variable structure with time-based authenticated
variable.
DB Management
The Authorized Signatures (db) lists the signers or images of UEFI applications,
operating system loaders, and UEFI drivers that you can load on the single computer.
Save To File
Allows you to save the db to a
target file system device
.
Set New Key
A popup window will appear if you press <Enter>. Select [Yes] if you wish to load
factory default db, or [No] to load db from a
target file system device
.
Append Key
A popup window will appear if you press <Enter>. Select [Yes] if you wish to load
factory default db, or [No] to load additional db from a
target file system device
for an additional db and dbx loaded management.
Delete key
Allows you to delete the db from NVRAM. Select [Yes] if you wish to delect the
variable, or [No] to choose a certificate to be delected from the key database.
The db file must be formatted as a UEFI variable structure with time-based authenticated
variable.
DBX Management
The Forbidden Signature database (dbx) lists the forbidden images of db items that are
no longer trusted and cannot be loaded.