VxRail: How to enable and disable UEFI Secure Boot

Summary: How to enable and disable UEFI Secure Boot on VxRail.

Acest articol se aplică pentru Acest articol nu se aplică pentru Acest articol nu este legat de un produs specific. Acest articol nu acoperă toate versiunile de produs existente.
Consultați alte resurse

Instructions

How to enable UEFI Secure Boot.

1. Check the current ESXi status:

  • Before enabling Secure boot, VIBs installed on the ESXi should pass the esxcli software vib signature verify. 
  • Run the command:
    esxcli software vib signature verify
You must remove or replace any unsigned VIBs before enabling.


Screenshot showing VIB list 


2. Enablement

a. From vCenter HTML5 Client, move the node to maintenance mode:

Screenshot showing the maintenance mode option


b. Check the VGA output of the node. Do this by either by connecting the VGA console physically or redirecting VGA output from IDRAC virtual console.

 

Screenshot showing how to open launch the console from the iDrac

c. Select Next Boot and "BIOS Setup"
 

Screenshot showing setting the next boot option 
 

Saving the next boot option

d. Reboot the node. The node reboots into BIOS setup.
 

Screenshot showing the reboot of the host


e. Set Secure Boot to Enabled from the BIOS Setup.


Screenshot of the secure boot option in the bios 


f. A warning message is shown. Select OK.

 

Saving changes after enabling secure boot

g. Save and Finish.

 

Saving the changes in the bios
h. Node reboots. And you see the following screen that indicates Secure Boot is enabled.


Boot notification screen indicating the secure boot settings were changed 
 

i. Exit Maintenance Mode


Removing host from maintenance mode 


j. Apply step #a - #i on the other nodes in the cluster.

 


How to disable UEFI Secure Boot

a. From vCenter HTML5 Client, move the node to maintenance mode.
 

Place the host in maintenance mode


b. Check the VGA output of the node. Do this by either by connecting the VGA console physically or redirecting VGA output from IDRAC virtual console.



launch the console from the idrac 
 

c. Select Next Boot and "BIOS Setup". 
 

set next boot as bios setup 
 

save next boot settings

d. Reboot the node. The node reboots into BIOS setup.


reboot the host from vSphere 


e. Set Secure Boot to Disabled from BIOS Setup.


disable secure boot 


f. Save and Finish.

 

save and finish the changes

g. The system reboots, there will be a console message indicating UEFI Secure Boot policy that is changed:


Bios boot message indicating secure boot settings were changed 
 

h. After host boots up, exit Maintenance Mode.


exit host from Maintenace mode 
 

i. Apply steps #a - #h for all the other nodes.
 
 

Produse

VxRail, VxRail Appliance Series, VxRail Software
Proprietăți articol
Article Number: 000158364
Article Type: How To
Ultima modificare: 10 Apr 2025
Version:  7
Găsiți răspunsuri la întrebările dvs. de la alți utilizatori Dell
Servicii de asistență
Verificați dacă dispozitivul dvs. este acoperit de serviciile de asistență.