mirror of
https://github.com/jiazhang0/meta-secure-core.git
synced 2026-07-16 12:47:00 +00:00
key-store: rename ima private key and certificate on target
If sample keys are selected, key-store service will deploy IMA private key during first boot, but beople may be confused if we deploy a sample private key like "xxx.crt", so this commit is making sure key/cert on target are consistent with key files on build system. Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
This commit is contained in:
@@ -19,5 +19,5 @@ CONFIG_IMA_APPRAISE_BOOTPARAM=y
|
||||
CONFIG_IMA_TRUSTED_KEYRING=y
|
||||
CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
|
||||
CONFIG_IMA_BLACKLIST_KEYRING=y
|
||||
CONFIG_IMA_X509_PATH="/etc/keys/x509_evm.der"
|
||||
CONFIG_IMA_X509_PATH="/etc/keys/x509_ima.der"
|
||||
# CONFIG_IMA_APPRAISE_SIGNED_INIT is not set
|
||||
|
||||
Reference in New Issue
Block a user