[ipxe-devel] Problem "Invalid Magic Sighature"

Michael Brown mbrown at fensystems.co.uk
Tue Aug 7 18:15:30 UTC 2012

On Tuesday 07 Aug 2012 15:07:51 Bovey Christian wrote:
> We are using iPXE for about four month now. We have new models of
> computers, so we need to recompile a new version of iPXE to handle them.
> We used the same method and same script as before, but now we got an error
> "Invalid magic signature".
> Is there new restriction with newer version of iPXE?
> Our scripts are attached to this mail.
> undionly.kpxe is embed with a script to chain to another script on our
> webserver. https certificate is included. general.h is modified to handle
> https.

iPXE now validates HTTPS server certificates.  (Previously, any certificate 
would be accepted.)

You need to use a certificate signed by a known CA, and ensure that iPXE is 
able to contact http://ca.ipxe.org to download any required cross-signing 
certificates.  Alternatively, you can set up your own private CA infrastructure 
for issuing certificates, in which case you need to build iPXE with the TRUST= 
parameter to specify your own root CA certificate.

Documentation for this is at http://ipxe.org/crypto


More information about the ipxe-devel mailing list