Additional X.509 keys for default system keyring
configname: CONFIG_SYSTEM_TRUSTED_KEYS
Linux Kernel Configuration
└─>Cryptographic API
└─>Certificates for signature checking
└─>Additional X.509 keys for default system keyring
In linux kernel since version 4.1 (release Date: 2015-06-21)
If set, this option should be the filename of a PEM-formatted file
containing trusted X.509 certificates to be included in the default
system keyring. Any certificate used for module signing is implicitly
also trusted.
NOTE: If you previously provided keys for the system keyring in the
form of DER-encoded *.x509 files in the top-level build directory,
those are no longer used. You will need to set this option instead.
containing trusted X.509 certificates to be included in the default
system keyring. Any certificate used for module signing is implicitly
also trusted.
NOTE: If you previously provided keys for the system keyring in the
form of DER-encoded *.x509 files in the top-level build directory,
those are no longer used. You will need to set this option instead.