Users should follow the steps below to enroll the Trend Micro public key:
- Enable XDR capability for the endpoint from Trend Micro Vision One Endpoint Inventory. When enabled, download these Trend Micro public keys from the following links:
-
Install the Machine Owner Key (MOK) facility, if it isn't already installed. Use the following command:
-
for RHEL and CentOS
yum install mokutil
-
for Ubuntu
apt-get install mokutil
-
-
Add the public keys to the MOK list respectively. Refer to the following commands:
- mokutil --import DS20.der
- mokutil --import DS20_v2.der
- mokutil --import DS2022.der
For details about manually adding the public key to the MOK list, refer to your Linux documentation. - When prompted, enter a password that you will use later in this procedure.
- Reboot the system.
-
After the computer restarts, the Shim UEFI key management console opens.
- Press any key to get started.
- On the Perform MOK management screen, select Enroll MOK.
- On the Enroll MOK screen, select View key 0.
- On the Enroll the key(s)? screen, select Yes and then enter the password you set in step 4, above.
- On the The system must now be rebooted screen, select OK to confirm your changes and reboot.
-
Use the mokutil utility to check if the key successfully enrolled or not. Use the following commands respectively:
- mokutil --test-key DS20.der
- mokutil --test-key DS20_v2.der
- mokutil --test-key DS2022.der