FQXSFPU0023G : Secure Boot Image Verification Failure Warning.
Secure Boot Image Verification Failure Warning.
Reporting un-trusted boot image when Security Boot is enabled.
Severity
Warning
User Action
Complete the following steps:
- It is a security warning message when a user wants to boot from an unauthorized UEFI image or OS while Secure Boot is enabled and Secure Boot Mode is in User Mode. If the customer does not want to boot any unauthorized UEFI image or OS, remove that bootable device.
- If the customer does want to boot this unauthorized UEFI image or OS, there are two ways to allow system boot from this unauthorized image, the first is to disable Secure Boot, and the second is to enroll the unauthorized image into DB (Authorized Signature Database).
- Disable Secure Boot: assert Physical Presence and then change Secure Boot Setting to Disable ( in F1 Setup -> System Settings -> Security -> Security Boot Configuration -> Security Boot Setting).
- Enroll the unauthorized UEFI Image. assert the Physical Presence and then change Secure Boot Policy to Custom Policy ( in Setup -> System Settings -> Security -> Security Boot Configuration -> Security Boot Policy), then enter into "Security Boot Custom Policy" Menu, press the "Enroll Efi Image" button, select the unauthorized UEFI Image in the popup box.
- NOTE: There are two ways to assert Physical Presence:
- Switch Physical Presence Jumper to ON;
- If the Physical Presence Policy has been set to enabled ( F1 Setup -> System Settings -> Security -> Physical Presence Policy Configuration), user is allowed to assert remote Physical Presence via IPMI tool.)
- If the problem persists, collect Service Data logs and contact Lenovo Support.
Give documentation feedback