XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    XCP-ng 8.2.1 Guest UEFI Secure Boot

    Scheduled Pinned Locked Moved XCP-ng
    12 Posts 4 Posters 1.5k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      TwoPlus1
      last edited by TwoPlus1

      I've been searching but not found a solution for this problem so far. After setting up two hosts and successfully connecting them to my Synology iSCSI storage with Multipathing enabled I tried to configure my first Windows Server 2022 VM. On enabling Secure Boot I was presented with the message 'This pool has not yet been setup for Guest UEFI Secure Boot.'

      I then ran the required command on the host and noted the output.

      secureboot-certs install default default default latest

      Successfully installed certificates to the XAPI DB for pool.

      After this I tried adding the VM again but get the same message. Restarting the hosts didn't resolve the problem either.

      secureboot-certs report

      secureboot-certs -- Report
Certificate Info for pool: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx):
Certificates (4): PK.auth, KEK.auth, db.auth, dbx.auth

Certificate: PK.auth
Auth file md5: 3ebe3795a5950e68b66292a6c0181742
Certificate: KEK.auth
Auth file md5: 51ad99ebf87c5e68530af5d0d373b4a3
Certificate: db.auth
Auth file md5: bfe27c2a9d5f6a5adc5c0228f91fcc13
Certificate: dbx.auth
Auth file md5: 321878c31426dcf1988a2834c88a291

      Everything looks as though it's set up correctly but am I missing a step?

      1 Reply Last reply Reply Quote 0
      • olivierlambertO Offline
        olivierlambert Vates 🪐 Co-Founder CEO
        last edited by

        Ping @yann or @stormi

        1 Reply Last reply Reply Quote 0
        • stormiS Offline
          stormi Vates 🪐 XCP-ng Team
          last edited by

          This message is not supposed to be displayed for XCP-ng 8.2 pools. If it is, then it's a Xen Orchestra bug.

          1 Reply Last reply Reply Quote 0
          • T Offline
            TwoPlus1
            last edited by

            Thanks, I deployed XOA, registered and fully updated it before building my first VM. I'll try deploying another instance and see if that resolves it.

            1 Reply Last reply Reply Quote 0
            • T Offline
              TwoPlus1
              last edited by TwoPlus1

              @stormi
              Deploying a new unpatched XOA resolved the problem.

              1 Reply Last reply Reply Quote 0
              • olivierlambertO Offline
                olivierlambert Vates 🪐 Co-Founder CEO
                last edited by

                I'm not sure to get it, so on a XOA full up to date you have the issue?

                T 1 Reply Last reply Reply Quote 0
                • T Offline
                  TwoPlus1 @olivierlambert
                  last edited by

                  @olivierlambert Yes, with all updates requireing registration but not the trial. Deploying a new XOA without any updates resolved the problem.

                  MathieuRAM 2 Replies Last reply Reply Quote 0
                  • stormiS Offline
                    stormi Vates 🪐 XCP-ng Team
                    last edited by

                    Since the feature in which I suspect a bug was introduced in recent versions of XO only, this would seem logical (depending on what version XOA deploys initially).

                    1 Reply Last reply Reply Quote 0
                    • olivierlambertO Offline
                      olivierlambert Vates 🪐 Co-Founder CEO
                      last edited by

                      So it's a regression, pinging @MathieuRA to go deeper (or to select someone to do so)

                      1 Reply Last reply Reply Quote 0
                      • stormiS Offline
                        stormi Vates 🪐 XCP-ng Team
                        last edited by

                        I pinged the XO team too 🙂

                        1 Reply Last reply Reply Quote 1
                        • MathieuRAM Offline
                          MathieuRA Vates 🪐 XO Team @TwoPlus1
                          last edited by

                          Hi @TwoPlus1, thanks for the report. I can reproduce the bug. We will fix this for the next release (5.99)`

                          1 Reply Last reply Reply Quote 1
                          • MathieuRAM Offline
                            MathieuRA Vates 🪐 XO Team @TwoPlus1
                            last edited by

                            I see that the bug is actually already fixed on the latest version (5.98.1).

                            1 Reply Last reply Reply Quote 1
                            • First post
                              Last post