Microsoft UEFI CA rotation: What it means for Ubuntu users and vendors

Microsoft’s 2011 UEFI and KEK CAs are set to expire in June 2026 and are being replaced by 2023 CAs. While existing boot assets will continue to work, future shim bootloader updates from Canonical will use the new 2023 CA. Failure to update the CA on existing Ubuntu installations (26.04 LTS and earlier) will lead to package management failures and an inability to install security and non-security updates starting in Q4 2026 or later. Canonical is distributing the 2023 CA through fwupd (version >=2.0.0). Canonical-supplied virtual machines will be automatically updated on reboot with the new CAs via logic added to their firmware.

Recommendation

  • For Canonical-supplied Virtual Machines (VMs): Keep your edk2 package and/or lxd snap up-to-date. Rebooting the VM is required to deploy the new CAs, which are applied automatically via additional firmware logic.
  • For existing Ubuntu users: Ensure your system has a recent version of fwupd (>=2.0.0) installed and running to receive the necessary certificate updates. This is critical for maintaining security and the ability to install future updates for the boot stack.
  • For device vendors: Include both the 2011 and 2023 Microsoft CA hierarchies in your UEFI security databases for broad compatibility. Also, make KEK updates signed with your Platform Key available on fwupd.org for existing devices.

Further details are provided below and we will continue to post updates as this unfolds.

Updates:

  • Jun 9, 2026: fwupd updates for Ubuntu 24.04 LTS and Ubuntu 22.04 LTS are rolling out. Amended instructions with more explicit commands.
  • Jun 11, 2026: The incremental rollout is being paused due to issues with MTD firmware updates and BitLocker systems.

Context

Microsoft UEFI 3rd party Certificate Authority (CA) 2011 and Microsoft KEK CA 2011 will expire in June 2026. The UEFI CA is used by Microsoft to sign shim bootloaders used by operating systems such as Ubuntu to boot on UEFI platforms with embedded trust for Microsoft’s signing infrastructure. The KEK CA is used for delivering revocations of assets signed by the UEFI CA.

Microsoft has begun rolling out a new set of UEFI code signing and KEK CAs (both labelled 2023) as a replacement. After June 2026, Microsoft will exclusively use the 2023 CAs for signing and delivering revocation updates.

To check which CAs are enrolled in the machine, run:

mokutil --db | grep 'Subject:'
mokutil --kek | grep 'Subject:'

This rollout is complete when the following certificates are enrolled:

Subject: C=US, O=Microsoft Corporation, CN=Microsoft UEFI CA 2023
Subject: C=US, O=Microsoft Corporation, CN=Microsoft Option ROM UEFI CA 2023
Subject: C=US, O=Microsoft Corporation, CN=Microsoft Corporation KEK 2K CA 2023
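As an added example (not part of the Canonical post), the following POSIX shell script turns the check above into a pass/fail test: it takes the `Subject:` lines printed by `mokutil --db` and `mokutil --kek` and reports which of the three 2023 subjects are still missing, which is more useful for a fleet check than eyeballing the grep output. The sample listings are constructed; pass `--live` to run it against the real variable stores (mokutil must be installed).

```shell
#!/bin/sh
# Added example, not from the Canonical post: report whether the Microsoft 2023
# CAs the post lists are enrolled, given the Subject: lines printed by mokutil.

# Subjects the post names as the completion criterion (CN part only).
REQUIRED_DB_2023='CN=Microsoft UEFI CA 2023
CN=Microsoft Option ROM UEFI CA 2023'
REQUIRED_KEK_2023='CN=Microsoft Corporation KEK 2K CA 2023'

# missing_subjects LISTING REQUIRED
#   Print every CN from REQUIRED that does not occur in LISTING (one per line).
missing_subjects() {
    listing="$1"
    printf '%s\n' "$2" | while IFS= read -r cn; do
        [ -n "$cn" ] || continue
        printf '%s\n' "$listing" | grep -Fq -- "$cn" || printf '%s\n' "$cn"
    done
}

# ca_status DB_LISTING KEK_LISTING
#   Print "complete" when every 2023 subject is present, otherwise "incomplete"
#   and list the missing CNs on stderr.
ca_status() {
    gaps="$(missing_subjects "$1" "$REQUIRED_DB_2023"
            missing_subjects "$2" "$REQUIRED_KEK_2023")"
    if [ -z "$gaps" ]; then
        echo complete
    else
        printf '%s\n' "$gaps" | sed 's/^/missing: /' >&2
        echo incomplete
    fi
}

# Constructed sample listings (not captured from a real machine): a host that
# still carries only the 2011 generation, and one where the rollout finished.
SAMPLE_DB_2011='Subject: C=US, O=Microsoft Corporation, CN=Microsoft Corporation UEFI CA 2011
Subject: C=US, O=Microsoft Corporation, CN=Microsoft Windows Production PCA 2011'
SAMPLE_KEK_2011='Subject: C=US, O=Microsoft Corporation, CN=Microsoft Corporation KEK CA 2011'
SAMPLE_DB_2023="$SAMPLE_DB_2011
Subject: C=US, O=Microsoft Corporation, CN=Microsoft UEFI CA 2023
Subject: C=US, O=Microsoft Corporation, CN=Microsoft Option ROM UEFI CA 2023"
SAMPLE_KEK_2023="$SAMPLE_KEK_2011
Subject: C=US, O=Microsoft Corporation, CN=Microsoft Corporation KEK 2K CA 2023"

# Live mode reads the real db and KEK through mokutil, exactly as the post does.
if [ "${1-}" = "--live" ]; then
    ca_status "$(mokutil --db | grep 'Subject:')" "$(mokutil --kek | grep 'Subject:')"
else
    echo "sample 2011-only host: $(ca_status "$SAMPLE_DB_2011" "$SAMPLE_KEK_2011")"
    echo "sample after rollout:  $(ca_status "$SAMPLE_DB_2023" "$SAMPLE_KEK_2023")"
fi
```

The match is on the CN substring rather than the whole subject, so it is not confused by the ordering of the O= and C= attributes, but it also means a hypothetical certificate whose CN merely contains one of these strings would be accepted; compare the full subject if that matters in your environment.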

Impact

UEFI firmware does not check the expiry date of CAs when validating signatures. Existing boot assets signed with the 2011 CA will remain bootable unless explicitly revoked due to newly discovered security vulnerabilities. Manufacturers should include both the old and new CAs in their device certificate databases, so that all devices retain the ability to boot code signed with the old CA after the expiry.

Shim bootloader updates delivered by Canonical after the June 2026 expiry will be signed with the new 2023 Microsoft CA. Consequently, applying the new certificates is essential to ensure subsequent bootloader security patches are delivered to all devices after June 2026.

We do not anticipate the 2011 code signing CA being revoked in its entirety, but selective security-related revocations of old code are likely. Future devices may no longer support booting code signed with the 2011 CA. Make sure to install updates as they become available via fwupd.

Certificate updates in Ubuntu

Ubuntu is rolling out the 2023 CA via the fwupd tool, using security database updates published by Microsoft and device vendors on the Linux Vendor Firmware Service (LVFS).

The fwupd tool is packaged in the Ubuntu archive, and is pre-installed in most Ubuntu images. A recent version of fwupd (>=2.0.0) is required for the installation of certificate updates. This version is available in Ubuntu 25.10 and Ubuntu 26.04 LTS and is being rolled out incrementally to Ubuntu 22.04 LTS and Ubuntu 24.04 LTS starting June 8, 2026.

On older Ubuntu releases, install the fwupd snap to receive certificate updates:

sudo snap install fwupd

If the fwupd deb package is already installed, you may need to remove it first:

sudo apt purge fwupd

To verify that you have a suitable version installed, run:

fwupdmgr --version

Ensure that the line for org.freedesktop.fwupd reports version 2.0.0 or later.

To refresh the fwupd metadata and install updates (including other firmware updates), run:

sudo fwupdmgr refresh
sudo fwupdmgr update

and follow the prompts. The 2023 CA update appears as four separate updates:

  • Windows Production PCA
  • UEFI CA
  • KEK CA
  • UEFI dbx

Availability varies by device vendor, and some devices may not yet have any updates available.
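Added example (not from the post or from the fwupd project): a POSIX shell check for the version rule stated above. It parses the table that `fwupdmgr --version` prints, assumed here to have the form `runtime   org.freedesktop.fwupd   2.0.6` with one component per line, and compares the runtime version of `org.freedesktop.fwupd` against 2.0.0 component by component, so that 1.9.27 is correctly treated as older than 2.0.0 where a plain string comparison would get it wrong. The sample outputs are constructed.

```shell
#!/bin/sh
# Added example, not from the post or from fwupd: gate on fwupd >= 2.0.0 by
# parsing the output of `fwupdmgr --version`.
MIN_FWUPD='2.0.0'   # minimum the post requires for certificate updates

# fwupd_runtime_version OUTPUT
#   Print the version from the "runtime org.freedesktop.fwupd <ver>" line.
#   Assumes the three-column layout fwupdmgr --version prints; the second
#   field is matched exactly so org.freedesktop.fwupd-efi is not picked up.
fwupd_runtime_version() {
    printf '%s\n' "$1" |
        awk '$1 == "runtime" && $2 == "org.freedesktop.fwupd" { print $3; exit }'
}

# version_ge A B
#   Succeed if dotted version A is >= B, comparing numerically per component;
#   missing components count as 0 and a suffix such as "~rc1" is ignored.
version_ge() {
    a="$1" b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; if [ "$ai" = "$a" ]; then a=''; else a="${a#*.}"; fi
        bi="${b%%.*}"; if [ "$bi" = "$b" ]; then b=''; else b="${b#*.}"; fi
        ai="${ai%%[!0-9]*}"; bi="${bi%%[!0-9]*}"
        if [ "${ai:-0}" -gt "${bi:-0}" ]; then
            return 0
        elif [ "${ai:-0}" -lt "${bi:-0}" ]; then
            return 1
        fi
    done
    return 0
}

# fwupd_ready OUTPUT -> "ok <ver>", "too-old <ver>" or "unknown"
fwupd_ready() {
    ver="$(fwupd_runtime_version "$1")"
    if [ -z "$ver" ]; then
        echo unknown
    elif version_ge "$ver" "$MIN_FWUPD"; then
        echo "ok $ver"
    else
        echo "too-old $ver"
    fi
}

# Constructed sample outputs (not captured from real hosts).
SAMPLE_NEW='compile   org.freedesktop.fwupd      2.0.6
runtime   org.freedesktop.fwupd-efi  1.7
runtime   org.freedesktop.fwupd      2.0.6'
SAMPLE_OLD='compile   org.freedesktop.fwupd      1.9.27
runtime   org.freedesktop.fwupd      1.9.27'

if [ "${1-}" = "--live" ]; then
    fwupd_ready "$(fwupdmgr --version)"
else
    echo "sample new host: $(fwupd_ready "$SAMPLE_NEW")"
    echo "sample old host: $(fwupd_ready "$SAMPLE_OLD")"
fi
```

A "too-old" result on Ubuntu 22.04 LTS or 24.04 LTS before the phased deb update reaches the machine is the case the snap route above is for; "unknown" usually means fwupdmgr is not installed at all or its output layout differs from the assumption, so inspect it by hand rather than trusting the gate.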

Guidance to device vendors

To ensure broad compatibility with existing and future Ubuntu releases, device vendors should provide both old and new Microsoft CA hierarchies in their UEFI security databases on devices they manufacture.

The following keys must be present until at least 2028. After 2028 it is likely that pre-installation will only be possible with the 2023 CAs:

UEFI security database   Key
db                       Microsoft Corporation UEFI CA 2011
                         Microsoft UEFI CA 2023
KEK                      Microsoft Corporation KEK CA 2011
                         Microsoft Corporation KEK 2K CA 2023

Device vendors should ensure that KEK updates signed with their Platform Key (PK) are made available on fwupd.org such that updates can be installed on existing devices by fwupd.

Installation media

Existing Ubuntu installation media, including the Ubuntu 26.04 LTS release, require the 2011 CA to be present. Future installation media, including upcoming Ubuntu 26.04 LTS point releases, may instead require the 2023 CA.

This will not cause any disruption on newly manufactured devices or devices with the certificate update previously applied, but new Ubuntu installations with media that only supports the 2023 CA will likely require additional steps prior to booting the installer. Canonical will publish guidance about this in due course.

Cloud images

Ubuntu 26.04 LTS cloud images will require the 2011 CA. New cloud images for the 2023 CA are planned to be issued later this year, not before the Ubuntu 26.04.1 LTS point release. As cloud images transition to the 2023 CA, it will no longer be possible to provision new instances that only support the 2011 CA.

Existing installations

Future Ubuntu releases and updates to stable releases issued in Q4 2026 or later will require the new 2023 CA. Failure to upgrade the CA will result in package management failures, and break the ability to install updates, both security and non-security, as well as new packages.

Existing installations of Ubuntu 26.04 LTS and earlier will continue to work for the time being on systems with only the 2011 CA present. However, they will not receive further security updates for the shim bootloader. This leaves them unable to enforce updates to other parts of the boot stack, potentially allowing downgrade attacks on components such as grub or fwupd.

Firmware updates for Canonical-supplied virtual machines

Existing virtual machines (VMs) have their UEFI variable stores snapshotted at creation time. When Microsoft replaced its 2011 UEFI Secure Boot CAs with 2023 CAs, new VMs received both generations in their initial variable template, but long-lived VMs retained only the 2011 CAs in their KEK and db. As Microsoft transitions to signing exclusively with the 2023 CAs, these VMs will eventually fail to verify new bootloaders, shim updates, and option ROMs.

The normal mechanism for updating KEK is an authenticated variable write signed by the Platform Key. However, the PK private key used for the OVMF/AAVMF variable templates was intentionally discarded at generation time, making the standard update path unavailable.

To address this, additional logic is added to the VM firmware. On each boot, it checks a version counter to determine whether it has already run. If not, it inspects the KEK and db for the presence of 2011 CAs and the absence of their 2023 replacements. If an update is required, it is applied internally by the firmware.

Be aware that this firmware update will change the boot measurements, so VMs that use TPM-backed disk encryption may prompt for a recovery key.

The following certificate mappings are applied:

Variable   2011 CA                                  2023 Replacement(s)
KEK        Microsoft Corporation KEK CA 2011        Microsoft Corporation KEK 2K CA 2023
db         Microsoft Windows Production PCA 2011    Windows UEFI CA 2023
db         Microsoft Corporation UEFI CA 2011       Microsoft UEFI CA 2023, Microsoft Option ROM UEFI CA 2023
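The check-then-replace logic described above, modelled as an added POSIX shell example; this is not the firmware code shipped in the edk2 package or LXD, which is C running before any OS. The mapping table is encoded as data, a version counter skips the work once this firmware version has run, and each 2023 replacement is emitted only when its 2011 predecessor is present in that variable and the replacement is absent. The KEK and db listings are constructed `Subject:` lines in the format mokutil prints.

```shell
#!/bin/sh
# Added example, not the firmware's code: model the update decision the post
# describes for Canonical-supplied VMs over the certificate mapping table.

# Rows from the post's table: VARIABLE|2011 CA|2023 replacement(s), comma-separated.
CA_MAP='KEK|Microsoft Corporation KEK CA 2011|Microsoft Corporation KEK 2K CA 2023
db|Microsoft Windows Production PCA 2011|Windows UEFI CA 2023
db|Microsoft Corporation UEFI CA 2011|Microsoft UEFI CA 2023,Microsoft Option ROM UEFI CA 2023'

# has_cert LISTING CN -> succeed if LISTING holds a Subject line with that CN.
has_cert() { printf '%s\n' "$1" | grep -Fq -- "CN=$2"; }

# plan_update APPLIED_VERSION FIRMWARE_VERSION KEK_LISTING DB_LISTING
#   Print "VARIABLE<TAB>CN" for every certificate the firmware would append.
#   Prints nothing when the stored counter shows this firmware version has
#   already run, mirroring the version-counter gate the post describes.
plan_update() {
    applied="$1" current="$2" kek="$3" db="$4"
    if [ "$applied" -ge "$current" ]; then
        return 0
    fi
    printf '%s\n' "$CA_MAP" | while IFS='|' read -r var old news; do
        case "$var" in
            KEK) listing="$kek" ;;
            db)  listing="$db" ;;
            *)   continue ;;
        esac
        # A replacement is only due where the 2011 predecessor is enrolled.
        has_cert "$listing" "$old" || continue
        printf '%s\n' "$news" | tr ',' '\n' | while IFS= read -r new; do
            has_cert "$listing" "$new" || printf '%s\t%s\n' "$var" "$new"
        done
    done
}

# Constructed sample variable stores (not captured from a real VM).
KEK_OLD='Subject: C=US, O=Microsoft Corporation, CN=Microsoft Corporation KEK CA 2011'
DB_OLD='Subject: C=US, O=Microsoft Corporation, CN=Microsoft Windows Production PCA 2011
Subject: C=US, O=Microsoft Corporation, CN=Microsoft Corporation UEFI CA 2011'
# A db where two replacements were already added, so only the Option ROM CA is due.
DB_PARTIAL="$DB_OLD
Subject: C=US, O=Microsoft Corporation, CN=Microsoft UEFI CA 2023
Subject: C=US, O=Microsoft Corporation, CN=Windows UEFI CA 2023"

echo "first boot on new firmware (counter 0 -> 1):"
plan_update 0 1 "$KEK_OLD" "$DB_OLD"
echo "partially updated db:"
plan_update 0 1 "$KEK_OLD" "$DB_PARTIAL"
echo "already applied (counter 1, firmware 1): $(plan_update 1 1 "$KEK_OLD" "$DB_OLD" | grep -c .) entries"
```

Two properties of the real mechanism carry over from this model: the update is idempotent, because a second run finds the replacements already present and emits nothing even if the counter were reset, and it only ever adds certificates, so the 2011 CAs stay in place and existing boot assets keep verifying. Because db and KEK contents are measured into PCR 7, the appended entries change that measurement, which is why the post warns that TPM-backed disk encryption in the VM may ask for its recovery key after the first boot on the new firmware.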

These updates are currently available in Ubuntu 26.04 LTS and LXD 6.8. Updates for older releases are currently being prepared.

Keep your edk2 package and/or lxd snap up-to-date to receive the new CAs as they become available, and reboot your virtual machine to deploy them.


What is the backport plan for older releases? How far back will edk2 be updated?

This is what I read in the original post that opened this topic.


If anyone’s curious, a quick way to check what certs are loaded in the efivars:

➜  ~ mokutil --db | grep 'CN=Microsoft' -A3

The relevant fwupd update has rolled out for questing and noble now, and the jammy update is in progress and will be syncing across mirrors in the next ~24 hours. Due to phased updates, systems will become eligible for upgrades at different times.

@juliank I’ll run tests on my environment with the edk2 backports, but I would also like to add an extra ‘workaround’ if for some reason the backport doesn’t properly apply.

Based on my answer here on Ask Ubuntu to someone who was having this very question about the UEFI keys and updating them in their environment, I discovered documentation on python3-virt-virmware which can be used to apply the changes directly to the nvram and secvars for any given VM that uses secure boot.

The version in Noble is obsolete, so I created a backport for it in OVMF Backports from Newer Releases : Thomas Ward (where I also did a chaos and backported newer EDK2 but have since deleted that from the PPA). This however can be used to automatically apply the changes necessary for secure boot via EDK2.

I’d like to see this tool backported officially but that’s outside my scope of work at the moment because it’s Not Trivial with its dependencies. It may be something that official Canonical and Foundations teams want to keep as a utility.

(Note that on a 26.04 environment I was testing, a VM that already had the older keys in place did not actually update when fully shut down and rebooted for Secure Boot + Encrypted Windows 11 VMs (work requirement) - hence how I stumbled upon the aforementioned utility script.)

The edk2 SRU actually makes use of virt-firmware for testing and a backport of the noble version to jammy is included.

The noble version was current enough.

The incremental rollout of fwupd updates for Ubuntu 24.04 LTS and Ubuntu 22.04 LTS is currently paused due to issues affecting updates on MTD devices (LP: #2156479) and dual-boot systems using TPM-based full-disk encryption (FDE) solutions such as BitLocker (LP: #2156480).

The update can still be installed manually by running apt install fwupd.