First Published: March 16, 2020

Last Updated: March 16, 2020

Overview

This document provides procedures for enabling UEFI Secure Boot for ESXi in HyperFlex.

Enabling UEFI Secure Boot for ESXi in HyperFlex

  1. Perform a combined upgrade on all hosts and verify that they are running HX 4.0(2a) and VMware ESXI 6.7 properly.

  2. Login to UCSM and update the Service Profile template (SPT) associated to the cluster as follows:

    1. Change the boot policy from "legacy" to "UEFI+secureboot".

    2. Change the "TXT BIOS" policy token from platform default to “Enabled”.

  3. Perform the following steps on each of the nodes in the cluster in a rolling fashion:

    1. Put the ESXi host into Maintenance Mode from the HX Connect UI.

    2. Reboot ESXi or the server from UCS. Wait for the reboot to complete and ESXi to boot.

    3. Exit Maintenance Mode from the HX Connect UI. Wait for either the cluster to go back to full healthy state; or for the node failures tolerable to go back to normal, depending on the cluster configuration.

Communications, Services, Bias-free Language, and Additional Information

  • To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.

  • To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.

  • To submit a service request, visit Cisco Support.

  • To discover and browse secure, validated enterprise-class apps, products, solutions and services, visit Cisco Marketplace.

  • To obtain general networking, training, and certification titles, visit Cisco Press.

  • To find warranty information for a specific product or product family, access Cisco Warranty Finder.

Documentation Feedback

To provide feedback about Cisco technical documentation, use the feedback form available in the right pane of every online document.

Cisco Bug Search Tool

Cisco Bug Search Tool (BST) is a web-based tool that acts as a gateway to the Cisco bug tracking system that maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. BST provides you with detailed defect information about your products and software.

Bias-Free Language

The documentation set for this product strives to use bias-free language. For purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on standards documentation, or language that is used by a referenced third-party product.