When generate KPI keys tree used in secure boot by hab4_pki_tree.sh.
What is the maximum years of the PKI tree keys duration?
What would happen if this max duration is expired?
已解决! 转到解答。
@changbaoma
Hello,
Customers can try to input 200 or 1000 years.
Note: i.MX devices are qualified for 10 - 15 years on continuous operation.
Regards,
Yuri.
Hi, Yuri
I have read your post above, but also confuse me.
What is the maximum duration can i set? 10 years? or 1000 years? or more?
If the KPI keys are valid for 10 years, can the current generated KPI keys be used to sign a new image after 10 years? Or i must to generated new KPI keys at that time.
Our customs may use our products 50 years,even 200 years.
During this period, we need to do equipment maintenance all the time, and will still upgrade and re-sign zImage.
can we input 200 (years) even 1000 years? @Yuri