UEFI Secureboot with RHEL and SLES

I’ve setup Foreman to provision RHEL Systems with secureboot and want to do it with SLES as well. I’m running into a Problem where the pxeloader with “Grub2 UEFI Secureboot” configures the dhcp to search for grub2/shimx64.efi". This file works for secureboot with RHEL, but it wont with SLES. Most likely the signature from SUSE is missing. Is there an easy solution to have multiple OS run with secureboot maybe setup another pxeloader to use another shim file?

Expected outcome:
Installation of any OS with Secureboot possible

Foreman and Proxy versions:
Distribution and version:

We only maintain SecureBoot files for Red Hat systems, they do work. Feel free to research this in SUSE documentation and contribute what’s needed.

I’ve done a little research and I feel like I would need an configurable pxe-loader option, to seperate the boot files for different OS Types within the tftpboot directory. I.E. /var/lib/tftpboot/$OS/grub2 and so so on. Since secureboot files might be named the same but contain diffenrent signatures. Maybe this is somthing to consider for redesign

There is architecture in the filename, you could create something like x86_64suse but that would probably break other parts of Foreman.

Feel free to create a patch for app/models/concerns/orchestration/dhcp.rb to use host parameter named “filename” that could be defined for your SUSE hostgroup overriding the option set via PXELoader. Should be pretty easy, make sure to update tests as well.