How to use HTTPs and Private Root Certificate Trust

NVIDIA Networking Server-Side Documentation of Flexboot v3.7.400 & UEFI v14.34.12

Flexboot now will contain only a single trusted root certificate (the “iPXE root CA” certificate). To use a standard SSL certificate issued by a public CA (such as Verisign), iPXE must be able to download a cross-signed certificate to complete the chain of trust up to the “iPXE root CA” certificate. These cross-signed certificates are downloaded automatically when needed from
For more information, see full description on and

To use a private CA trust, Flexboot must get the Trust CA fingerprint as a configuration from the FlexBoot menu, must download the root certificate to complete the chain of trust. Flexboot can download the root CA from the Http URI that was configured in the FlexBoot Menu "Cross-Signed CA URI".

© Copyright 2024, NVIDIA. Last updated on May 6, 2024.