Permit Usage of Self-Signed Certificates for SecureBoot VMs #70
Description
Is your feature request related to a problem? Please describe.
I would like to be able to define a VM to use uefi, then in the uefi "firmware" I would like to be able to configure my own self-signed cert for secureboot. Currently I can define the VM no problem via virsh XML file but when I add my certificate it comes back "Validation Error". In Proxmox and other Qemu hypervisors this is not a problem and we are able to define secure boot with a selfsigned key.
Describe the solution you'd like
I would like the ability to utilize a self-signed key for secure boot. I am not interested in using a certificate signed by Microsoft as we use a key we maintain via HSM and that is plenty secure for us (we presign our kernel, initramfs, and bootloader with our private key and as a result the self signed certificate is plenty secure for us.
Describe alternatives you've considered
I would like the ability to use a self-signed certificate within the UEFI machine (I was using the debian spin) for my VM. I am able to use self-signed certificates in Proxmox.
/
Additional context
Non-Working Message in Seapath
Working Message in Proxmox
