ASUS UEFI Boot utility and secure boot

[aianta]

Hello,
I have recently just built a rig (and am currently typing this on said rig )

Important specs here are the following:

Asus z97 Sabertooth Mark 1 Motherboard

Msi 780 gtx twin frozr 6GB edition

When I finished building my rig I had a lot of difficulty actually booting, naturally I thought I had done goofed somewhere and began trouble shooting. This turned out not to really be the case. When I removed my graphics card and switched to integrated graphics the computer booted just fine and I got into the UEFI BIOS utility.

Now having done some googling I found that a new feature called secure boot, it likely not recognizing my card and therefore not allowing the computer to boot. I even found the secure boot option in the UEFI BIOS utility. My only problem is that I cant seem to disable it. The option is greyed out.

Anyone have any ideas as to how to disable this thing, or what else could stop my graphics card from working?

It was properly connected to the PCIe slot and all power pins (6 and 8) were properly connected, power supply is evidently working fine since I am typing this now. Both fans were spinning on the graphics card and there were no beebs or warning LEDs from the motherboard. This is what leads me to believe that this "secure boot" is to blame.

The problem is just that there simply is no video output when the card is being used OR when the card is in the computer. (so if the card is in there, then I cant even use integrated graphics. The second the card is physically removed integrated graphics are working just fine and everything else is just dandy)

 

[romirez]

To activate all greyed options you must to set passwords for Master and User in bios.
About videocard - I dont sure if secure boot will help.
Try to clean goldfingers at videocard as minimum.

 

[Phreedom1]

To activate all greyed options you must to set passwords for Master and User in bios.
About videocard - I dont sure if secure boot will help.
Try to clean goldfingers at videocard as minimum.

Not true...I set both passwords and the enable/disable secure boot option is still greyed out.

 

[romirez]

Not true...I set both passwords and the enable/disable secure boot option is still greyed out.

*Not true* are big words.

P.S. Successfully enabled/disabled secure boot on over 10 different PC/Laptops...

 

[Phreedom1]

Not true...I set both passwords and the enable/disable secure boot option is still greyed out.

*Not true* are big words.

P.S. Successfully enabled/disabled secure boot on over 10 different PC/Laptops...

I'll be more specific for you...that technique doesn't seem to work for the new Z97 ASUS boards with the latest BIOS. Not sure why as it's really bothering me. I can't get a answer that works. No matter what I try the option stays greyed out.

 

[mc962]

Copy and paste about Secure Boot:

"
What happens if my new hardware isn’t trusted?

Your PC may not be able to boot. There are two kinds of problems that can occur:

The firmware may not trust the operating system, option ROM, driver, or app because it is not trusted by the Secure Boot database.

Some hardware requires kernel-mode drivers that must be signed. Note: many older 32-bit (x86) drivers are not signed, because kernel-mode driver signing is a recent requirement for Secure Boot. For more info, see Secure boot feature signing requirements for kernel-mode drivers.

For more info, see Windows 8 with Secure Boot enabled may no longer boot after installing new hardware.

How can I add hardware or run software or operating systems that haven’t been trusted by my manufacturer?

You can check for software updates from Microsoft and/or the PC manufacturer.

You can contact your manufacturer to request new hardware or software to be added to the Secure Boot database.

For most PCs, you can disable Secure Boot through the PC’s BIOS. For more info, see Disabling Secure Boot.

For logo-certified Windows RT 8.1 and Windows RT PCs, Secure Boot is required to be configured so that it cannot be disabled.
"

Did you try and install the drivers for your card? Check if there were any BIOS updates addressing the issue?


Worst case scenario, you can try and call ASUS and ask them to look into it, I don't see why they would purposefully make it an issue to put a good gpu in one of their higher end boards.

*I took a look at my Z87 version, and the secureboot stuff was greyed out as well, but I never set up any of those passwords either. I did, however, have the option of changing the OS type if I wanted. Not as sure what that is, but you might want to at least look into it. And again, calling ASUS Probably shouldnt hurt. I have a gigabyte gtx 760 and it worked just fine, so im not really sure why a 780 is giving trouble

 

[dw85745]

I have a new ASUS H97-Plus and have the same problem.

Curious if anyone has resolved this as ASUS technical support is impossible to reach.

 

[Bruce867]

How to shut down Secure Boot on ASUS UEFI MB. Credit to romirez for the last clue I needed: set Master password on Main Tab BIOS.
So here are the steps to disable Secure boot in ASUS BIOS; first make sure you have a clean formatted USB I just used an old 2gb and formatted to Fat32 label it PK Keys, put it in a USB port and boot up into BIOS.
Go to Boot tab page down to "Secure boot" select by hitting "Enter"
Should open "Secure Boot menu" should show Secure Boot state as "enabled" and Platform Key (PK) state as "loaded"
Page down to "OS Type" select "Windows UEFI"
Page Down to "Key Management" select by hitting "Enter" select 2nd entry "Save Secure Boot Keys" to USB. AFTER you have saved keys and confirmed on another computer that you have ALL 4 files: db, dbx, KEK, PK should be ~ 15 - 20 kb total.
Page down to PK Management select "Delete PK" look right to info panel and read it, hit "Enter". This disables Secure Boot in ASUS BIOS.

Hit F10 and reboot into BIOS

Go to Boot tab page down to "Secure boot" select by hitting "Enter"
Should open "Secure Boot menu" should show Secure Boot state as "disabled" and Platform Key (PK) state as "unloaded"

 

[azebot]

How to shut down Secure Boot on ASUS UEFI MB. Credit to romirez for the last clue I needed: set Master password on Main Tab BIOS.
So here are the steps to disable Secure boot in ASUS BIOS; first make sure you have a clean formatted USB I just used an old 2gb and formatted to Fat32 label it PK Keys, put it in a USB port and boot up into BIOS.
Go to Boot tab page down to "Secure boot" select by hitting "Enter"
Should open "Secure Boot menu" should show Secure Boot state as "enabled" and Platform Key (PK) state as "loaded"
Page down to "OS Type" select "Windows UEFI"
Page Down to "Key Management" select by hitting "Enter" select 2nd entry "Save Secure Boot Keys" to USB. AFTER you have saved keys and confirmed on another computer that you have ALL 4 files: db, dbx, KEK, PK should be ~ 15 - 20 kb total.
Page down to PK Management select "Delete PK" look right to info panel and read it, hit "Enter". This disables Secure Boot in ASUS BIOS.

Hit F10 and reboot into BIOS

Go to Boot tab page down to "Secure boot" select by hitting "Enter"
Should open "Secure Boot menu" should show Secure Boot state as "disabled" and Platform Key (PK) state as "unloaded"

Can you change back to enabled afterwards?

 

[kkiteveles]

I was having the same problem as you are while trying to install Mac OS X with Unibeast. All you need to do is go to key management under the boot tab in advanced mode and clear secure boot keys.

 

[NickMoignard]

G'day aianta,

im sure you have soved this by now but.

i just had the same problem. with the z97 sabertooth mk2 (ASUS)

in order to fix.
i set the admin & user password in the UEFI, (didnt change greyed out status)
then i went into the key management section below secure boot section, where i deleted all the current secure keys. i left the key fields blank.
when you go back up into secure boot management, the options are still greyed out, but secure boot is no longer enabled.
thats how i disable secure boot in my UEFI

 

[Yippee38]

FWIW, you don't need to put in passwords to delete the keys and disable secure boot.

 

[Ben_49]

Not true...I set both passwords and the enable/disable secure boot option is still greyed out.

*Not true* are big words.

P.S. Successfully enabled/disabled secure boot on over 10 different PC/Laptops...

Well, all I "know" for sure sure is I got the same results, with exactly the same method, maybe a tutorial would be nice.

 

[kohait00]

To add some more detail to it and for the Linux lovers (windows should have its proper support I suppose, including this shit of Secure Boot)

to make the UEFI boot in native mode on this otherwise very good mainboard (except for the crappy buggy BIOS)
I managed to UEFI boot from a preinstalled SSD (that had a linux/grub EFI installation premade on another PC).
So I guess installing is still bit difficult. I just happen to have the luck to not need to install, and only figure out how to boot this SSD

* remove/clear all keys under boot/secure boot/key management as described above, so the Secure boot state states 'disabled' and the keys are 'unloaded'
* select 'other OS' under boot/secure boot/os Type
* disable boot/fastboot to really load all hardware drivers
* suppose, setting Administrator password is only optional, so no need for that

* important: the crap of ASUS BIOS can't cope with the grub names of the efi files neither the path.. Change this as below:

On your FAT boot partition (in my case)

change
/EFI/gentoo/grubx64.efi

into the default UEFI path
/EFI/boot/bootx64.efi

And BOOM it boots My other EVGA board does have its issues too, but it still can cope with the linux entries made by grub2-install
My next MoBo shall be of any other Brand, ASRock seems appealing..

 

[Michael_248]

To activate all greyed options you must to set passwords for Master and User in bios.
About videocard - I dont sure if secure boot will help.
Try to clean goldfingers at videocard as minimum.

Setting a supervisor password worked for me, thank you!!!

 

[schmoosu]

For me, the supervisor password didn't work.

So I disabled Fast Boot mode, rebooted and then whilst 'Boot Configuration' remained greyed out, the 'Secure Boot' options suddenly appeared for me and I was able to select 'Other OS' and all fixed.

Annoying that a MS Update could cause this, but not sure if MS or Asus are to blame!!! However, at least I can boot now!

Asus Motherboard H81M-K Bios Version 0703 (Windows 7 Pro)

 

[TheCylonHunter]

ASUS Posted a fix for this issue on their site as well for anyone still dealing with this: http://www.asus.com/support/FAQ/1016356/

 

[U6b36ef]

I have a new ASUS H97-Plus and have the same problem.

Curious if anyone has resolved this as ASUS technical support is impossible to reach.

I just had this on an H97 plus.

I went to secure boot options. Yes the stuff below it does look greyed out.

However I clicked on the text that said 'key management', and a menu opened up. I clicked remove secure boot keys. Now my PC boots up.

I did try going back and installing new secure boot keys which is an easy option there. However this caused the PC not to boot again.

What bothers me is shy this happened because it said it's caused by an un-authorised change. The only change I made was a Windows update, but I had booted once since then.

Anyway I am off to read the Asus solution that someone posted about.

 

[oz_anon]

Ive tried everything. Secure boot is disabled, the keys are unloaded, i have set administrator password for bois and im still in uefi mode? My motherboard is asus m81m-plus

Also running windows 10

 

[Dure__]

Ive tried everything. Secure boot is disabled, the keys are unloaded, i have set administrator password for bois and im still in uefi mode? My motherboard is asus m81m-plus

Also running windows 10

Make sure you re-enable your raid setup, if applicable. I had the same issue and after following the above steps couldn't figure out why it didn't work. *facepalm*