Windows OS Hub
  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu
  • Home
  • About

Windows OS Hub

  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu

 Windows OS Hub / Virtualization / Hyper-V / Hyper-V Boot Error: The Image’s Hash and Certificate Are not Allowed

March 4, 2020 CentOSHyper-VLinux

Hyper-V Boot Error: The Image’s Hash and Certificate Are not Allowed

I came across an interesting issue when trying to install Linux CentOS on a virtual machine running on a Hyper-V server (the type of the virtual machine was “Generation 2” with UEFI support). I had downloaded CentOS 7 installation file (ISO), created a new gen2 type VM in Hyper-V, mounted the ISO file and tried to boot the VM from the installation ISO. However, when booting the VM, the following error message appeared in the Hyper-V console:

SCSI DVD (0,0). The image's hash and certificate are not allowed (DB).

No UEFI-compatible file system was found.

No operating system was loaded. Press a key to retry the boot sequence…

Hyper-V error: The image's hash and certificate are not allowed
The problem is that Hyper-V by default is using UEFI with Secure Boot mode enabled for its Generation 2 virtual machines. Secure Boot prevents boot from an untrusted Linux bootloader in the ISO file (the Linux bootloader neither signed nor certified by Microsoft).

To start Linux installation, I had to disable Secure Boot in the virtual machine settings (Settings -> Security -> uncheck the option Enable Secure Boot).

Or you can leave Secure Boot enabled, but use Microsoft UEFI Certificate Authority template instead of Microsoft Windows. According to Microsoft information, this template allows you to run Linux distros in the Secure Boot compatibility mode.

hyper-v vm gen-2 - secure boot mode and Microsoft UEFI Certificate Authority template

Restart your VM and try to boot it again from the CentOS installation ISO image or another Linux distribution (I managed to run CentOS 8 and Ubuntu 19.04 installation using this method).

boot from linux iso on hyper-v vm in uefi mode

In the same way, you can manage Secure Boot and templates setting of VM using PowerShell. Here is how you can get the current VM firmware settings:

Get-VMFirmware -VMName "centos7"

Get-VMFirmware hyper-v

To disable Secure Boot mode for your VM:

Set-VMFirmware -VMName "centos7" -EnableSecureBoot Off

In order to change the bootloader certificate validation template to the one compatible with most Linux distros:

Set-VMFirmware -VMName "centos7" -EnableSecureBoot On -SecureBootTemplate "MicrosoftUEFICertificateAuthority"

1 comment
4
Facebook Twitter Google + Pinterest
previous post
How to Block a Domain or Website on Windows Defender Firewall with PowerShell?
next post
Set-ADComputer: How to Change AD Computer Properties and Add Logged User Info?

Related Reading

How to Access VMFS Datastore from Linux, Windows,...

July 1, 2022

How to Install Windows 11 on a Hyper-V...

March 16, 2022

Installing an Open Source KMS Server (Vlmcsd) on...

March 16, 2022

Managing Hyper-V Virtual Machines with PowerShell

March 15, 2022

Installing PowerShell Core on Linux Distros

February 28, 2022

1 comment

Vidula May 26, 2020 - 6:22 am

Thank you for providing an actual solution instead of just disabling it.

Reply

Leave a Comment Cancel Reply

Categories

  • Active Directory
  • Group Policies
  • Exchange Server
  • Microsoft 365
  • Azure
  • Windows 11
  • Windows 10
  • Windows 7
  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012 R2
  • PowerShell
  • VMWare
  • Hyper-V
  • MS Office

Recent Posts

  • Using PowerShell Behind a Proxy Server

    July 1, 2022
  • How to Access VMFS Datastore from Linux, Windows, or ESXi?

    July 1, 2022
  • How to Deploy Windows 10 (11) with PXE Network Boot?

    June 27, 2022
  • Checking Windows Activation Status on Active Directory Computers

    June 27, 2022
  • Configuring Multiple VLAN Interfaces on Windows

    June 24, 2022
  • How to Disable or Enable USB Drives in Windows using Group Policy?

    June 24, 2022
  • Adding Domain Users to the Local Administrators Group in Windows

    June 23, 2022
  • Viewing a Remote User’s Desktop Session with Shadow Mode in Windows

    June 23, 2022
  • How to Create a Wi-Fi Hotspot on your Windows PC?

    June 23, 2022
  • Configuring SSH Public Key Authentication on Windows

    June 15, 2022

Follow us

woshub.com

ad

  • Facebook
  • Twitter
  • RSS
Popular Posts
  • How to Configure MariaDB Master-Master/Slave Replication?
  • Using iPerf to Test Network Speed and Bandwidth (Throughput)
  • How to Mount Google Drive or OneDrive in Linux?
  • KVM: How to Expand or Shrink a Virtual Machine Disk Size?
  • Adding VLAN Interface in CentOS/Fedora/RHEL
  • Configuring High Performance NGINX and PHP-FPM Web Server
  • Install and Configure SNMP on RHEL/CentOS/Fedor
Footer Logo

@2014 - 2018 - Windows OS Hub. All about operating systems for sysadmins


Back To Top