UEFI boot from https (SSL) repository

I am trying to boot a UEFI bare metal server where the ISO and repositories reside on a server using SSL (https). I have configured BIOS booting with the “no verify ssl” flags. How do I do the same for UEFI?

Foreman and Proxy versions:
Foreman 2.1.1

Other relevant data:

I am installing CentOS 8.2

BIOS cannot boot from HTTP or HTTPS itself, do you use iPXE?

Anyway, you need to configure this in your EFI firmware.

Thanks for the prompt reply.
I am using iPXE and the PXELinux UEFI template.
Can you provide a pointer to what needs to be set in the EFI firmware to boot from SSL?
The process gets stuck on curl error 60 trying to get the install.img over https.

I don’t know the details of your setup, but we do not support HTTPS kickstarting, there’s a lot of troubles with that. Anaconda does not accept CAs, Katello does not publish kickstarts over HTTPS by default, mirrors mostly run on HTTP only.

Interesting - is this anywhere in the formal Foreman documentation?
I’m asking since I am able to get BIOS VMs to boot from a server with the ISO and repository residing on a https link. My issue is with bare metal servers using UEFI.

I am not saying it is not technically possible, we just do not ship with configuration that works out of box.

Again, I do not have enough information to comment on that. There are multiple ways how you can provision UEFI systems with Foreman.

Where do I add the parameter inst.noverifyssl tot he PXE Linux UEFI template like I did in the PCX Linux BIOS file?

To the PXE template associated with your host.