Views:
SuSE kernel add codesigning EKU checking for their kernel module after 5.3.18-24.34-default,  We need to create new secure boot public key with extra filed “Extended Key Usage”. DS20_v2.der has been created and will be included in the future DS20 update. Please follow the instructions on below if you encounter this issue.
 
  1. Enroll DS20_v2.der again for passing codesigning EKU checking, please follow the instructions on below:
    https://help.deepsecurity.trendmicro.com/20_0/on-premise/agent-linux-secure-boot.html

Note: new public key should be under /opt/ds_agent/secureboot/DS20_v2.der, please ask support’s help to get this new key if you can’t find it in your agent build.
 
  1. Go to DSM console, do the following steps for importing latest SuSE15 kernel support package.
 a. Login to DSM
b. Click Administration
c. Click Software and click “Check for updates”
d. Click Download Center
e. Find lastest SuSE15 KSPs (KernelSupport-SuSE_15-20.0.0-1547.x86_64.zip)
f. Click “IMPORT NOW”


Reference: https://github.com/SUSE/kernel/commit/11340e5c3590a9a4467412887f6218419cbbb194