Topics on this page
Linux Secure Boot support
Some versions of Deep Security Agent (DSA) for Linux support Secure Boot. See also Configure Linux Secure Boot for agents.
In DSA 20 LTS, each Linux operating system is associated with corresponding Secure Boot public keys, such as DS2022.der, DS20_V2.der, and so on. These keys have different expiration dates. For more information, see The public key has expired.
See also Deep Security release strategy and life cycle policy.
Deep Security Agent 20 LTS
The following table lists Linux operating systems on which DSA 20 LTS provides support for Secure Boot.
VMware and physical machines are supported on all operating systems included in the table. Azure, AWS, and GCP support is limited to certain operating systems.
| Operating System | Secure Boot public key | Required DSA build | Support on Azure * |
|---|---|---|---|
| AlmaLinux 9 (64-bit) | DS2022.der | 20.0.0-6912 (20 LTS Update 2023-05-02) or later | ✔ |
| CentOS 7 (64-bit) | DS2022.der ** | ||
| CentOS 8 (64-bit) | DS2022.der ** | ||
| Debian Linux 10 (64-bit) | DS2022.der ** | ||
| Debian Linux 11 (64-bit) | DS2022.der | ||
| Debian Linux 12 (64-bit) | DS2022.der | 20.0.0-8438 (20 LTS Update 2023-12-12) or later | ✔ |
| Miracle Linux 9 (64-bit) | DS2022.der | 20.0.0-8137 (20 LTS Update 2023-10-26) or later for Red Hat Enterprise Linux 9 | |
| Oracle Linux 7 (64-bit) | DS20_V2.der | 20.0.0-3165 (20 LTS Update 2021-10-08) or later | |
| Oracle Linux 8 (64-bit) | DS20_V2.der | 20.0.0-3288 (20 LTS Update 2021-10-28) or later | ✔ *** |
| Oracle Linux 9 (64-bit) | DS2022.der | ✔ *** | |
| Red Hat Enterprise Linux 7 (64-bit) | DS2022.der ** | ||
| Red Hat Enterprise Linux 8 (64-bit) | DS2022.der ** | ✔ | |
| Red Hat Enterprise Linux 9 (64-bit) | DS2022.der | ✔ | |
| Red Hat Enterprise Linux Workstation 7 (64-bit) | DS2022.der ** | 20.0.0-6912 (20 LTS Update 2023-05-02) or later | |
| Rocky Linux 9 (64-bit) | DS2022.der | 20.0.0-6313 (20 LTS Update 2023-01-31) or later | |
| SUSE Linux Enterprise Server 12 (64-bit) | DS2022.der ** | ||
| SUSE Linux Enterprise Server 15 (64-bit) | DS2022.der **, DS20_V2.der | ✔ | |
| Ubuntu 16.04 (64-bit) | DS2022.der ** | ||
| Ubuntu 18.04 (64-bit) | DS2022.der ** | ✔ | |
| Ubuntu 20.04 (64-bit) | DS2022.der ** | ✔ | |
| Ubuntu 22.04 (64-bit) | DS2022.der | 20.0.0-6658 (20 LTS Update 2023-03-22) or later | ✔ |
| Ubuntu 24.04 (64-bit) | DS2022.der | 20.0.1-19250 (20 LTS Update 2024-09-18) or later |
* For details, see Trusted Launch for Azure virtual machines - Operating systems supported.
** DS20.der expired on November 26, 2024. It has been replaced with DS2022.der.
*** Support for Red Hat Compatible Kernel (RHCK) only. There is no support for Unbreakable Enterprise Kernel (UEK).
Deep Security Agent 12 FR
The following table lists Linux operating systems on which DSA 12 FR provides support for Secure Boot.
VMware and physical machines are supported on all operating systems included in the table, whereas AWS, GCP, and Azure are not supported.
| Operating System |
|---|
| CentOS 7 (64-bit) |
| CentOS 8 (64-bit) |
| Debian Linux 10 (64-bit) |
| Red Hat Enterprise Linux 7 (64-bit) |
| Red Hat Enterprise Linux 8 (64-bit) |
| SUSE Linux Enterprise Server 12 (64-bit) |
| SUSE Linux Enterprise Server 15 (64-bit) |
| Ubuntu 16.04 (64-bit) |
| Ubuntu 18.04 (64-bit) |
Note that the information about the public keys and required DSA build is not applicable to this DSA release.
Deep Security Agent 12 LTS
The following table lists Linux operating systems on which DSA 12 LTS provides support for Secure Boot.
VMware and physical machines are supported on all operating systems included in the table, whereas AWS, GCP, and Azure are not supported.
| Operating System | Secure Boot public key |
|---|---|
| CentOS 7 (64-bit) | DS12.der |
| Red Hat Enterprise Linux 7 (64-bit) | DS12.der |
Note that the information about the required DSA build is not applicable.
Deep Security Agent 11 LTS
The following table lists Linux operating systems on which DSA 11 LTS provides support for Secure Boot.
VMware and physical machines are supported on all operating systems included in the table, whereas AWS, GCP, and Azure are not supported.
| Operating System | Secure Boot public key |
|---|---|
| CentOS 7 (64-bit) | DS11_2022.der |
| Red Hat Enterprise Linux 7 (64-bit) | DS11_2022.der |
Note that the information about the required DSA build is not applicable.