Secure Boot

When installing ArcaOS 5.1 in a UEFI environment, Arca Noae recommends disabling Secure Boot. However, this may not always be practical.

ArcaOS 5.1 does ship with self-signed keys which may be imported into the system MOK either using tools provided in the system BIOS setup or third party applications. The two files to be imported are located in the ESP, and are named ANdb.cer and ANdb.crt.

The ArcaOS UEFI kernel has been signed, and once the keys are properly imported into the system MOK, Secure Boot should work as designed. This should also not disturb any other keys which may have been provided with the system or which have already been imported.

Note: If your existing volumes are encrypted by Bitlocker, be sure to retrieve your Bitlocker key before disabling Secure Boot. Look for a Control Panel applet to do this.

This page will be expanded to provide authoritative links to further information and to third party tools.

This entry last updated: by Lewis Rosenthal