[ipxe-devel] help: How to disable HTTPS certificate verification with iPXE?

Michael Brown mcb30 at ipxe.org
Mon Nov 17 11:36:14 UTC 2014

On 17/11/14 10:10, linql at centran.cn wrote:
> I am trying to chainload boot image from web server using https. Is
> there any way to disable https certificate verification while compiling
> iPXE (something like "curl -khttps://example.com/index.php")?

No; if you don't want certificate verification then you should probably 
use HTTP instead.

If you have a server certificate which is not issued by a public CA then 
you may want to configure iPXE to trust your private CA (or to trust the 
server certificate directly), which you can do by building iPXE with the 
appropriate TRUST= parameter.  For example:

   make bin/intel.mrom TRUST=my_certificate.crt

See http://ipxe.org/crypto#trusted_root_certificates for more details.


More information about the ipxe-devel mailing list