The Secure Boot security feature on your ASRock motherboard prevents booting from any devices that do not contain valid digital signatures.
In essence, only signed system level drivers can run if this feature is enabled. If any drivers on the operating system or the bootable drives are unsigned or infected-with malware, theUEFI or BIOS firmwarewon’t choose it as a boot device.
you may enable or disable this setting from within theSecuritytab of the UEFI or BIOS interface on your ASRock motherboard.
How to Disable Secure Boot on ASRock Motherboard
While Secure Boot is a security feature that protects your computer from external threats and access, you may need to disable it in a few situations.
For instance, I have bothWindows and Linux as dual bootoptions on my computer. If I change the hardware components or the Linux kernel, the drivers or kernel on my Linux system may not have the necessary digital signature. It is possible tore-sign the software components. But since it’s tiring to do on each change, I usually keep Secure Boot disabled.
However, I also adopt all the preventive measures to prevent any sorts of malware or other threats on my system. If you are not sure that you may do the same, it’s best to leave it on.
Regardless, here’s how you may disable this feature.
you may also remove the keys altogether to disable Secure Boot in a more destructive manner. I don’t recommend doing so especially if you are using custom generated Secure Boot keys and have their backup. Regardless, here’s how you can do it:
How to Enable Secure Boot on ASRock Motherboard
The process to enable Secure Boot is similar to that of disabling this feature. However, you will need to perform additional steps if your UEFI no longer contains the Secure Boot Keys.
If you wish to enable secure boot to upgrade to or install Windows 11, your firmware also needs to be in UEFI mode.
So you have todisable CSM, which carries legacy support. Also, if you have an MBR partition disk instead of a GPT one, you will need to convert it to GPT so that you may enable UEFI mode.
Depending onyour motherboard’s BIOS version, you may need to change these settings in other situations as well.
If you get the “Secure Boot can be enabled when System is in User Mode. Repeat operation after enrolling Platform Key(PK)” or a similar error, it means that your computerdoes not have the necessary Secure Boot keys.
