1 Reply Latest reply on Dec 29, 2015 2:49 PM by Dan_Intel

    Secure Boot with S2600WTT and Adaptec RAID controller doesn't work

    SECOIT_GmbH

      Hi All,

       

      I'm trying to enable secure boot on my S2600WTT board (latest BIOS 01.01.0011) but when I enable it the system doesn't display the Adaptec RAID controller (81605ZQ) anymore and also I can't choose any of the EFI boot files on the HDDs connected to this controller since the controller seems to be completely invisible to EFI after enabling Secure Boot.
      "Normal" EFI boot works fine. Installing Windows Server 2012 R2 from DVD with Secure Boot enabled also works fine, Windows can see all logical RAID disks. EFI just doesn't seem to see any of them after the following reboot that is necessary during install.
      The Adaptec 81605ZQ is supposed to be Secure Boot capable according to the Adaptec website.

       

      Now I'm pretty much a novice when it comes to Secure Boot. After several hours of research this is what I guess needs to be done: It seems that I need to add the keys for the Adaptec controller to either the "db" or "KEK" variables. It looks like to accomplish that I will need to delete the "db", "dbx", "PK" and "KEK" variables first (of course I took a backup from UEFI shell and also from Windows Power Shell before) but it doesn't let me delete these variables (I tried from Windows using latest syscfg.exe and also from EFI shell)
      According to specs that seems normal since "physical presence" is required to mess with these variables so I would expect to find some option to maintain or delete these variables from System Setup. But I can't find anything there. My Dell devices let me manage the Secure Boot keys from the BIOS setup. I still haven't found out how this is done on an Intel server.

       

      After a few hours I'm giving up for now hoping someone from this forum can help.

       


      Thanks,
      Michael