Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
 My manager has restricted my use of Ventoy.
#1
Exclamation 
I've been utilizing Ventoy for an extended period; however, my manager has recently restricted my use of the tool due to concerns with UEFI certification. He claims that Ventoy enrolls a custom certificate and replaces the original UEFI certificate on our client PCs and laptops. Consequently, he is compelling me to revert to using Rufus. Would anyone be able to offer assistance? Huh

PS :why Rufus have no Problem using UEFI ?
Reply
#2
If you have to use mok manager on first secure boot, then you are allowing Ventoy to run insecure ISO s

You can use winsetupfromusb if you only use it for windows installs and winpe.



Or try Easy2boot, which can use imgptn23 files to allow multiple secure boot images.
Reply
#3
"Exclamation 04-02-2024, 05:01 PM (This post was last modified: 04-02-2024, 05:03 PM by aboamir@gmail.com.)
I've been utilizing Ventoy for an extended period; however, my manager has recently restricted my use of the tool due to concerns with UEFI certification. He claims that Ventoy enrolls a custom certificate and replaces the original UEFI certificate on our client PCs and laptops. Consequently, he is compelling me to revert to using Rufus. Would anyone be able to offer assistance? Huh

PS :why Rufus have no Problem using UEFI ?"

Is this not a serious issue making Ventoy unsafe to use?
Reply
#4
https://www.ventoy.net/en/doc_delete_key.html
Reply
#5
According to your description, I guess it's a Windows Secure Boot problem, so when using Rufus, you can boot directly from windows.iso without getting Secure Boot errors? Or you used Rufus to write windows.iso to USB and when booting in UEFI there was no Secure Boot error. You can also bypass Secure Boot with ventoy like using Rufus, the job is very simple, just format the ventoy partition as FAT32, then extract the contents of windows.iso to the ventoy partition (first partition of the USB).

Whether you use ventoy or grubfm, or aioboot, the nature of these 3rd party bootloaders (not from Microsoft) makes it inevitable to encounter Secure Boot errors.
Reply
#6
You can avoid the Secure Boot problem by using Easy2Boot and partition images, but it means you first have to Secure Boot to WinPE to switch in the partition image.
However, it does mean that you do not need to modify the BIOS UEFI settings and you cannot boot Non-Secure Boot loaders.
https://easy2boot.xyz/uefi64-secure-booting/
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)