Greetings, recently an ssd died in my fujitsu futro s920 which worked for the last few years as my firewall. As I installed a new ssd I've noticed that the system was UEFI and had a secureboot option (I missed it when I first installed opnsense years ago). While browsing forums I've encountered multiple posts urging not to disable secureboot when running opnsense, so i tried to enable it and install opnsense. The installation finished without issue but when the system rebooted I was greeted with the memory diagnostic program (the last time I saw it starting was when the ssd died and the system had not storage at all) as I checked boot options menu the opnsense ssd was missing. After disabling secureboot the system booted normally.
For installation I used the dvd iso on an ventoy bootable flash with gpt and secureboot compatibility enabled, After that I created a bootable usb with etcher and tried to install, but was greeted with a error message "secure boot violation, invalid signature detected" I made sure to select the UEFI option when booting from usb.I have tried to install opnsense on a UEFI virtual machine with secureboot from the usn created and it installed and booted without issues.
As Iwas looking fro a solution I've found this tread https://www.reddit.com/r/OPNsenseFirewall/comments/10a69d6/uefi_on_fujitsu_s920/ (https://www.reddit.com/r/OPNsenseFirewall/comments/10a69d6/uefi_on_fujitsu_s920/) After trying this method the boot option reappeared but boot stopped with error "secure boot violation, invalid signature detected"
Unfortunately I have limited experience with UEFI and secureboot. Also how dangerous is to run opnsense without secureboot?
You cannot run it with secure boot at all. Disable it.
So the installing and running opnsense as I did the first time was the correct way to go,OK. Thank you for the quick reply,