[ipxe-devel] Problem "Invalid Magic Sighature"
Michael Brown
mbrown at fensystems.co.uk
Tue Aug 7 18:15:30 UTC 2012
On Tuesday 07 Aug 2012 15:07:51 Bovey Christian wrote:
> We are using iPXE for about four month now. We have new models of
> computers, so we need to recompile a new version of iPXE to handle them.
>
> We used the same method and same script as before, but now we got an error
> "Invalid magic signature".
>
> Is there new restriction with newer version of iPXE?
>
> Our scripts are attached to this mail.
> undionly.kpxe is embed with a script to chain to another script on our
> webserver. https certificate is included. general.h is modified to handle
> https.
iPXE now validates HTTPS server certificates. (Previously, any certificate
would be accepted.)
You need to use a certificate signed by a known CA, and ensure that iPXE is
able to contact http://ca.ipxe.org to download any required cross-signing
certificates. Alternatively, you can set up your own private CA infrastructure
for issuing certificates, in which case you need to build iPXE with the TRUST=
parameter to specify your own root CA certificate.
Documentation for this is at http://ipxe.org/crypto
Michael
More information about the ipxe-devel
mailing list