3. Platform Key Configuration

After completing the OS install, you must enroll the Platform Key (PK) into your UEFI firmware. This enables Secure Boot and allows Arcane OS to advance to phase 2 of its setup.

🛡️ One‑time step per machine: If you’ve already enrolled the PK here, you can skip this on future reinstalls.

Configuration Overview

Phase
Description

Reboot to Firmware

Boot into your system’s UEFI or OVMF menu.

Enroll PK

Navigate Firmware > Secure Boot > Enroll PK Using File.

Select Key File

Locate and import pk.der from the Arcane OS boot partition.

Commit & Continue

Save changes, exit firmware, and confirm Secure Boot is active on next boot.

Detailed Step-by-Step

1. Reboot into Firmware

  • After the installer reboots, press Enter at the splash screen (or let it timeout).

  • You should drop into the UEFI firmware menu (or OVMF console for VMs).

  • ⚠️ Firmware UIs vary by vendor—consult your motherboard or hypervisor docs if needed.

2. Open Secure Boot Settings

  • Use the arrow keys to navigate to “Device Manager” or “Security” menus.

  • Select “Secure Boot Configuration”.

3. Set Boot Mode to Custom

  • Highlight “Secure Boot Mode”, press Enter, and choose “Custom Mode”.

4. Access PK Enrollment

  • Under Custom Secure Boot Option, press Enter.

  • Choose “PK Options”, then “Enroll PK”.

5. Choose Enrollment Method

  • Select “Enroll PK Using File”.

6. Locate the PK File

After choosing Enroll PK Using File, you'll be prompted to navigate the filesystem to locate the key file.

🗂️ The ArcaneOS installer automatically places all necessary public keys on the boot partition.

  1. Navigate to the boot Partition

  1. Open the loader Directory

  1. Open the keys Folder

  1. Open the fluxOS Folder

  1. Select the Key File: pk.der

  • Highlight pk.der and press Enter to import.

  • 🔐 OVMF accepts .der; some physical boards may require .auth.

6. Commit Changes & Exit

  • Select “Commit Changes and Exit” (or equivalent).

  • Press Esc three times to return to the main firmware screen.

  • Choose “Continue” to boot.

7. Verify Secure Bott

  • At the next boot, you should see a confirmation that Secure Boot is enabled.

  • The system will load Arcane OS and confirms that your ArcaneOS installation is securely verified and ready for node configuration.

Cover

Cover

Tips & Troubleshooting

  • Unable to Enter Custom Mode? Ensure “Pre‑Enroll Keys” was disabled during VM creation or on your motherboard’s setup.

  • PK File Not Found? Confirm you completed the OS install and that the installer placed keys under /boot/loader/keys/fluxOS/.

  • Firmware Locked Out? Some vendors hide Secure Boot settings. Look for “OS Type” or “Platform Key” entries—selecting “Windows” often exposes custom options.

Previous2. OS InstallationNext4. Configure Your FluxNode

Last updated