diff --git a/Earthfile b/Earthfile index bc828ec..cbc1719 100644 --- a/Earthfile +++ b/Earthfile @@ -51,7 +51,7 @@ ARG UPDATE_KERNEL=false # UKI Variables ARG IS_UKI=false -ARG INCLUDE_MS_SECUREBOOT_KEYS=false +ARG INCLUDE_MS_SECUREBOOT_KEYS=true ARG AUTO_ENROLL_SECUREBOOT_KEYS=false ARG UKI_BRING_YOUR_OWN_KEYS=false diff --git a/README.md b/README.md index 0627b1f..78ed782 100644 --- a/README.md +++ b/README.md @@ -136,7 +136,7 @@ cp .arg.template .arg | CLUSTERCONFIG | Path of the cluster config | string | | | IS_UKI | Build UKI(Trusted boot) images | boolean | `false` | | UKI_BRING_YOUR_OWN_KEYS | Bring your own public/private key pairs if this is set to true. Otherwise, CanvOS will generate the key pair. | boolean | `false` | -| INCLUDE_MS_SECUREBOOT_KEYS | Include Microsoft 3rd Party UEFI CA certificate in generated keys | boolean | `false` | +| INCLUDE_MS_SECUREBOOT_KEYS | Include Microsoft 3rd Party UEFI CA certificate in generated keys | boolean | `true` | | AUTO_ENROLL_SECUREBOOT_KEYS | Auto enroll SecureBoot keys when device boots up and is in setup mode of secure boot | boolean | `true` | 1. (Optional) If you are building the images behind a proxy server, you may need to modify your docker daemon settings to let it use your proxy server. You can refer this [tutorial](https://docs.docker.com/config/daemon/systemd/#httphttps-proxy).