I used the CST tool to sign the u-boot and kernel image.
In u-boot, Source index is 0, and for csfk and key, I used img1 and csf1 certs
And for the kernel, source index is 2 and for csfk and key, I take img3 and csf3 certs
However, the u-boot is unable to load the kernel. it seems like hab verification failed.
Is it possible to load u-boot signed by one certs and kernel signed by one certs ?