Steps to enable the secure boot mode
The system displays a Secure Boot warning every time is booted up. It boots normally to Windows, but the warning persists, when rebooting the system.
Warning Message:
Unable to load device firmware due to secure boot policy.
Please ensure device firmware is properly certified.
The device firmware must be authorized by a key in the valid signature database.
If the secure boot feature is not desired, disable UEFI secure boot in system setup.
Follow the steps below to enable Secure Boot:
- Go to the BIOS (Press F2 when the system is posting).
- Once in the BIOS, go to Boot Maintenance Manager > Advanced boot options > Secure Boot Configuration.
- Set Attempt Secure Boot to Enabled.
- Press F10 to save changes and reboot.
| Notes |
|
Once the system boots into the Operating System, follow the steps below to confirm if secure boot is enabled:
- Open PowerShell as administrator.
- Run the command confirm-SecureBootUEFI.
- If secure boot is working, TRUE will be displayed on the following line.
- Otherwise FALSE will be displayed.
Important:
Sometimes the system might display an error/warning stating that it is unable to load the device firmware due to secure boot policy, and the device firmware must be authorized by a key in the valid signature database.
This can be caused if the the storage (Hard Drive/Solid State Drive) is not validated or has compatibility issues with Secure Boot. If this issue is present, try removing and using a different storage unit (this could happen more often with some SSDs).
The guide for BIOS secure boot configuration, can be found in: BIOS Setup Utility User Guide for the Intel® Server Board S2600 Family Supporting the Intel® Xeon Scalable Processor Family section named Secure Boot Configuration.