[GUIDE] OpenCore and UEFI Secure Boot using Windows Subsystem for Linux

[Gobias]

@Gobias
Maybe you have a preferred app for virtual machines on macOS. I didn't have anyone and UTM (QEMU based) has been quite easy to install.
The Ubuntu 14.04 VM available to download and use as-is has also made my job a lot easier because I didn't have to install the system onto the VM from an ISO image.
UTM is free software and costs nothing.
In a short time you have Ubuntu on the macOS Desktop so you don't have to restart your PC several times.
The drawback that I have already mentioned is that of the file exchange between VM and macOS.
The clipboard is shared, at least you can copy text from one to another.

Spoiler: UTM Ubuntu

View attachment 556045

I used VirtualBox to set up an Ubuntu VM years ago. I had to install from an ISO, but I think there was a way transfer files between the VM and macOS (it's been a while, though, so I don't really remember that well).

 

[miliuco]

Added comment in the first post about OpenCore Vault + UEFI Secure Boot.

Thanks @Gobias for pointing to me in the right direction.

 

[Gobias]

@Gobias

This is what I've done:

• In order not to have to switch from mac to windows so many times, I have installed Ubuntu 14.04 virtual machine with UTM
• On Ubuntu I have digitally signed all OC 0.8.5.efi files except OpenCore.efi
• On macOS I have vaulted the EFI folder with the signed files, including OpenCore.efi not signed yet
• On Ubuntu I have signed the OpenCore.efi file which already has Vault applied
• Back in macOS I have copied the EFI folder to the EFI partition
• I have rebooted activating UEFI Secure Boot and... it worked!

So it's just like you said, I hadn't read the OC setup text carefully either.

It is a tedious task. The most boring part is copying files between macOS and Ubuntu. UTM in theory has the option to define a shared folder to exchange files but I have not been able to get it to work. I have used Wetransfer in both mac and linux browsers to send files between both systems. Pretty heavy but at least I've learned how to have Vault and UEFI Secure Boot at the same time.

I followed this order of steps, and now it finally worked for me, too! Thank you for helping me figure this out!

 

[miliuco]

@Gobias
Congratulations! Enjoy.

 

[RAFAELRAZOR]

Please help-me
KeyTool.efi – Error 26 “Security Violation”.

 

[miliuco]

@RAFAELRAZOR

When do you get this error? At the time to shove your own keys into the firmware with KeyTool?

 

[RAFAELRAZOR]

Yes

 

[RAFAELRAZOR]

 

[RAFAELRAZOR]

@RAFAELRAZOR

When do you get this error? At the time to shove your own keys into the firmware with KeyTool?

My log

 

[miliuco]

@RAFAELRAZOR

Please cut the log or put it into an attached txt file to improve readability of the post. It's too long.

You write

cp /home/ubuntu/Downloads/MicCorUEFCA2011_2011-06-27.crtcp /mnt/c/Users/Ubuntu/Downloads/MicCorUEFCA2011_2011-06-27.crt

But it must be

cp /home/ubuntu/Downloads/MicCorUEFCA2011_2011-06-27.crt cp /mnt/c/Users/Ubuntu/Downloads/MicCorUEFCA2011_2011-06-27.crt

Note .crtcp >> .crt cp.
I see that this is fixed later.

You write

sudo apt-get install unzip~

But it must be

sudo apt-get install unzip

But unzip seems to be installed.

In BIOS you have a menu to enable/disable UEFI Secure Boot, right? Are you trying to shove the keys with UEFI Secure Boot disabled? Do you have in BIOS a menu to reset or manage the secure boot keys?