ID 683823
Date 11/22/2022
Public

## 2.1.3. Creating the Signature Chain Root Entry

Convert the root public key into a signature chain root entry, stored on the local file system in the Intel® Quartus® Prime key (.qky) format file, with the make_root operation. Repeat this step for each root key you generate.

Run the following command to create a signature chain with a root entry, using a root public key from the file system.
quartus_sign --family=agilex --operation=make_root  \
--key_type=owner root0_public.pem root0.qky
Run the following command to create a signature chain with a root entry, using the root key from the SoftHSM token established in the prior section.
quartus_sign --family=agilex --operation=make_root --key_type=owner \
--module=softHSM --module_args="--token_label=agilex-token \
--user_pin=agilex-token-pin \
--hsm_lib=/usr/local/lib/softhsm/libsofthsm2.so" root0 root0.qky