Next: append_add_dbx_hash, Previous: append_add_db_hash, Up: Command-line commands [Contents][Index]
Read an X.509 certificate from the file X509_certificate
and add it to GRUB’s internal dbx list of distrusted certificates.
These certificates are used to ensure that the distrusted certificates
are rejected during appended signatures validation when the environment
variable check_appended_signatures is set to yes
(see check_appended_signatures) or the append_verify
(see append_verify) command is executed from the GRUB console.
Also, these certificates are used to prevent distrusted certificates from
being added to the db list later on.
See Using appended signatures in GRUB for more information.