Re: Secure boot enabled on Cisco UCS server

Leonard-p · ‎01-17-2026

Hi, I need some advice. I’m running a UCS C220 M4 that has never been updated since I’ve owned it; the server is still on 2.0.x.
My problem is that when I boot from a DVD-R (because it gives a weird error when trying to boot from USB), it shows:
Secure Boot Violation – Invalid Signature Detected – Check boot policy in setup.
I’ve read the manual and checked everything in the BIOS, but I couldn’t find anything. I’m surely missing something, but I couldn’t find it.
Another problem is that the CIMC has never been configured, so it has no IP. I can’t even check it with the old flash tool + browser. My last option was to deal with it via the console, but I prefer to ask before trying this.
If anyone has any idea or a solution, thanks in advance for your time.

Mark Elsen · ‎01-18-2026

- @Leonard-p FYI : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwj28488

M.

-- Let everything happen to you
   Beauty and terror
      Just keep going
     No feeling is final
Reiner Maria Rilke (1899)

Leonard-p · ‎01-22-2026

I've tried but when upgrading from the HUU it also says the same error: Invalid Signature Detected – Check boot policy in setup.

I'm kind of lost on what to do at this point.

Wes Austin · ‎01-23-2026

Can you confirm the PID that is listed in the CIMC? If this is a security appliance (SNS) and you are unable to disable secure boot, there is difference process to do a firmware update and many of the normal CIMC operations are slightly different if its a security appliance server.

Leonard-p · ‎01-23-2026

Unfortunately the CIMC doesn't have an ip address configured so it show 0.0.0.0 as an ip but i do have labels on the chassis. I have one named PID VID: C190 V01.