Secure boot is used to ensure your computer starts safely and prevents unauthorized software like malware from taking control of your PC at start-up. As long as you have a relatively new laptop or server (2012 or newer), secure boot is enabled by default. As of version 8.5, Rocky Linux supports secure boot and is completely trusted using our own Rocky Enterprise Software Foundation signed shims.


  • Zane Hamilton, Director Sales Engineering at CIQ
  • Neil Hanlon, Solutions Architect at CIQ

Note: This transcript was created using speech recognition software. While it has been reviewed by human transcribers, it may contain errors.


Zane Hamilton:

So is there anything special that you have to do to enable Secure Boot when you're doing this with Rocky?

Neil Hanlon: As long as you have relatively recent hardware, and by relatively recent, I mean probably 2012, 2013. We know there are systems out there that are older and still good and still able to run stuff. If you have older systems, there may be incompatibilities with the shim due to hardware design issues. However, I think those are kind of few and far between. So most of the time, especially if you have a new laptop or something, you can just boot up and Secure Boot should be enabled by default if you're using Rocky Linux 8.5.