{"id":3550,"date":"2026-05-08T10:11:53","date_gmt":"2026-05-08T10:11:53","guid":{"rendered":"https:\/\/im-cybersec.com\/?p=3550"},"modified":"2026-05-08T10:13:00","modified_gmt":"2026-05-08T10:13:00","slug":"prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca","status":"publish","type":"post","link":"https:\/\/im-cybersec.com\/nl\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/","title":{"rendered":"Voorbereid op het verlopen van de Secure Boot Windows UEFI 2011 CA?\u00a0"},"content":{"rendered":"<p class=\"has-medium-font-size\">Veel systeembeheerders zijn zich mogelijk nog niet bewust dat de Certificate Authority (CA) die wordt gebruikt om de Windows Secure Boot Loader en de Secure Boot-databases te ondertekenen, binnenkort zal verlopen en vervangen moet worden door een nieuwe. Er circuleert veel informatie online over dit onderwerp, maar het grootste deel daarvan is onvolledig. Daarom willen wij dit vraagstuk uitgebreid bekijken vanuit het perspectief van een systeembeheerder.\u00a0<\/p>\n\n\n\n<p class=\"has-medium-font-size\"><\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-09f50613\"><h2 class=\"uagb-heading-text\"><strong><strong>Windows UEFI Secure Boot maakt gebruik van 4 databases:\u00a0<\/strong><\/strong><\/h2><\/div>\n\n\n\n<div class=\"wp-block-uagb-container uagb-block-9af8250a alignfull uagb-is-root-container\"><div class=\"uagb-container-inner-blocks-wrap\">\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n<\/div><\/div>\n\n\n\n<p class=\"has-medium-font-size\">\u2013 KEK (Key Enrollment Key): De CA die hier is opgeslagen wordt gebruikt om updates van de Active DB en DBX te ondertekenen. De Microsoft CA uit 2011 die hier is opgeslagen, verloopt in juni 2026. Zodra de CA is verlopen, kunnen er geen verdere wijzigingen meer worden ondertekend in de DB en DBX.\u00a0<br>\u2013 Default DB: Veel OEM\u2019s updaten de CA die hierin zit naar de Microsoft 2023 CA. Deze Default DB wordt echter niet gebruikt tijdens het opstarten, tenzij u de BIOS terugzet naar fabrieksinstellingen.\u00a0<br>\u2013 Active DB (Secure Boot Signature Database): Dit is waar de CA die wordt gebruikt voor Secure Boot zich bevindt. De Microsoft 2011 CA voor de Windows bootloader verloopt in oktober 2026, terwijl die voor third-party bootloaders in juni 2026 verloopt.\u00a0\u00a0<br>\u2013 DBX (Secure Boot Revoked Signature Database): Ingetrokken certificaten\/bootloaders\u00a0<\/p>\n\n\n\n<p class=\"has-medium-font-size\"><\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-d24d9a9c\"><h2 class=\"uagb-heading-text\">Wat gebeurt er wanneer de CA verloopt?\u00a0<\/h2><\/div>\n\n\n\n<div class=\"wp-block-uagb-container uagb-block-72538a26 alignfull uagb-is-root-container\"><div class=\"uagb-container-inner-blocks-wrap\">\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n<\/div><\/div>\n\n\n\n<p class=\"has-medium-font-size\">Volgens Microsoft blijft Secure Boot functioneren op bestaande Windows-installaties. Echter, er kunnen geen wijzigingen meer worden aangebracht in de Secure Boot-configuratie, en de database voor ingetrokken bootloaders wordt niet langer bijgewerkt. Dit vormt een beveiligingsrisico.\u00a0<br><br>Voor systeembeheerders betekent dit ook dat deployment-tools die bijvoorbeeld PXE-boot of USB-boot gebruiken, niet meer werken omdat de oude CA is verlopen en de nieuwe CA niet wordt geaccepteerd.\u00a0<\/p>\n\n\n\n<p class=\"has-medium-font-size\"><\/p>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-61f23212\"><h2 class=\"uagb-heading-text\"><strong><strong>Waarom gebeurt de CA-update niet automatisch?\u00a0<\/strong><\/strong><\/h2><\/div>\n\n\n\n<div class=\"wp-block-uagb-container uagb-block-4d38485c alignfull uagb-is-root-container\"><div class=\"uagb-container-inner-blocks-wrap\">\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n<\/div><\/div>\n\n\n\n<p class=\"has-medium-font-size\">In principe kan dit automatisch gebeuren, maar in de praktijk moet u nog steeds ingrijpen. De Default DB wordt bijgewerkt via BIOS-updates, mits de fabrikant nog BIOS-updates voor het model levert. Echter, de Active DB is de doorslaggevende factor. Deze zou de nieuwe UEFI 2023 CA via Windows Update moeten ontvangen, maar dit is standaard uitgeschakeld.\n\nEr is een taak geconfigureerd in Windows Task Scheduler die elke 12 uur wordt uitgevoerd om de UEFI 2023 CA naar de KEK en Active DB te schrijven. Echter, deze kan dit meestal niet uitvoeren omdat een instelling in het register dit blokkeert. Daarom verschijnen foutmeldingen 1801 van TPM-WMI in het Windows System Log.\u00a0<\/p>\n\n\n\n<div class=\"wp-block-uagb-container uagb-block-628edde5 alignfull uagb-is-root-container\"><div class=\"uagb-container-inner-blocks-wrap\">\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-7a8d9477\"><h2 class=\"uagb-heading-text\"><strong><strong>Hoe kan ik de UEFI 2023 CA uitrollen?\u00a0<\/strong><\/strong><\/h2><\/div>\n\n\n\n<div class=\"wp-block-uagb-container uagb-block-a4f14b13 alignfull uagb-is-root-container\"><div class=\"uagb-container-inner-blocks-wrap\">\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n<\/div><\/div>\n\n\n\n<p class=\"has-medium-font-size\">Volgens onze informatie moet Secure Boot hiervoor ingeschakeld zijn.\u00a0<br><br>Microsoft heeft hiervoor een administratieve template geleverd in de Group Policy Templates voor Windows 11 25H2 (v2). De namen van de drie bestaande templates voor Secure Boot zijn echter misleidend, dus u moet zorgvuldig controleren welke u inschakelt. In de meeste gevallen zult u \u201cEnable Secure Boot Certificate Deployment\u201d inschakelen.\u00a0<br><br>Zodra dit is toegepast, kan de achtergrondtaak in Task Scheduler het certificaat naar de KEK en Active DB schrijven.\u00a0\u00a0<br><br>Na twee herstarts is het proces voltooid.\n\nHet wordt echter aanbevolen om het proces en de status ervan te monitoren. Met behulp van twee eenvoudige inventory rules in KACE of Action1 kunt u bepalen of de deployment daadwerkelijk is ingeschakeld en wat de status van de UEFI2023CA is (NotStarted, InProgress of Updated).\u00a0<br><br>Hoewel de group policy de CA-update toestaat, krijgt u alleen via de inventory rules en bijbehorende rapporten een overzicht van welke apparaten beveiligd zijn en waar handmatige interventie nog nodig is.\u00a0<\/p>\n\n\n\n<p class=\"has-medium-font-size\"><\/p>\n\n\n\n<div class=\"wp-block-uagb-container uagb-block-877edecf alignfull uagb-is-root-container\"><div class=\"uagb-container-inner-blocks-wrap\">\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-4c7e1d18\"><h2 class=\"uagb-heading-text\"><strong>Hulp nodig bij de Windows Secure Boot CA rollout?<\/strong><\/h2><\/div>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-uagb-container uagb-block-7e23fd34 alignfull uagb-is-root-container\"><div class=\"uagb-container-inner-blocks-wrap\">\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n<\/div><\/div>\n\n\n\n<p class=\"has-medium-font-size\">Als u niet zeker weet of uw omgeving al is voorbereid op de aankomende Secure Boot CA-expiratie, of als u operationele verstoringen en beveiligingsgaten wilt vermijden, staan wij voor u klaar om te helpen. Wij kunnen u ondersteunen bij het plannen en uitvoeren van de UEFI 2023 CA rollout, het configureren van de benodigde Group Policies en het valideren dat de deployment succesvol is toegepast op al uw endpoints.\n\nDaarnaast kunnen wij u helpen bij het opzetten van correcte monitoring en reporting, zodat u altijd een duidelijk overzicht heeft van welke apparaten compliant zijn en waar nog handmatige actie vereist is.\n\nNeem contact met ons op voor een consult en zorg ervoor dat uw infrastructuur veilig en toekomstbestendig blijft, zonder onnodige risico\u2019s of last-minute problemen.<\/p>\n\n\n\n<p class=\"has-medium-font-size\"><\/p>\n\n\n\n<div class=\"wp-block-uagb-buttons uagb-buttons__outer-wrap uagb-btn__default-btn uagb-btn-tablet__default-btn uagb-btn-mobile__default-btn uagb-block-925ecbcd\"><div class=\"uagb-buttons__wrap uagb-buttons-layout-wrap\">\n<div class=\"wp-block-uagb-buttons-child uagb-buttons__outer-wrap uagb-block-9debbc82 wp-block-button\"><div class=\"uagb-button__wrapper\"><a class=\"uagb-buttons-repeater wp-block-button__link\" aria-label=\"\" href=\"https:\/\/im-cybersec.com\/nl\/contact\/\" rel=\"follow noopener\" target=\"_self\" role=\"button\"><div class=\"uagb-button__link\">Boek een gesprek<\/div><\/a><\/div><\/div>\n<\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>Many system administrators may not yet be aware that the Certificate Authority (CA) used to sign the Windows Secure Boot\u00a0Loader\u00a0and the Secure Boot databases is set to expire shortly and must be replaced with a new one. There is a lot of information circulating online about this topic, but most of it is incomplete. Therefore, [&hellip;]<\/p>","protected":false},"author":1,"featured_media":3551,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[5],"tags":[],"class_list":["post-3550","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uem"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0 - IM CyberSec<\/title>\n<meta name=\"description\" content=\"Okta: With employees, partners, and customers accessing applications from anywhere, organizations can no longer rely on traditional network-\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/im-cybersec.com\/nl\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/\" \/>\n<meta property=\"og:locale\" content=\"nl_NL\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0 - IM CyberSec\" \/>\n<meta property=\"og:description\" content=\"Okta: With employees, partners, and customers accessing applications from anywhere, organizations can no longer rely on traditional network-\" \/>\n<meta property=\"og:url\" content=\"https:\/\/im-cybersec.com\/nl\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/\" \/>\n<meta property=\"og:site_name\" content=\"IM CyberSec\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-08T10:11:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-08T10:13:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"anita.xd@yahoo.com\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Geschreven door\" \/>\n\t<meta name=\"twitter:data1\" content=\"anita.xd@yahoo.com\" \/>\n\t<meta name=\"twitter:label2\" content=\"Geschatte leestijd\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minuut\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/\"},\"author\":{\"name\":\"anita.xd@yahoo.com\",\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/#\\\/schema\\\/person\\\/881cf8ee4594040f2ee1098fba22983c\"},\"headline\":\"Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0\",\"datePublished\":\"2026-05-08T10:11:53+00:00\",\"dateModified\":\"2026-05-08T10:13:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/\"},\"wordCount\":710,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/im-cybersec.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png\",\"articleSection\":[\"UEM\"],\"inLanguage\":\"nl-NL\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/\",\"url\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/\",\"name\":\"Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0 - IM CyberSec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/im-cybersec.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png\",\"datePublished\":\"2026-05-08T10:11:53+00:00\",\"dateModified\":\"2026-05-08T10:13:00+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/#\\\/schema\\\/person\\\/881cf8ee4594040f2ee1098fba22983c\"},\"description\":\"Okta: With employees, partners, and customers accessing applications from anywhere, organizations can no longer rely on traditional network-\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/#breadcrumb\"},\"inLanguage\":\"nl-NL\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"nl-NL\",\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/#primaryimage\",\"url\":\"https:\\\/\\\/im-cybersec.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png\",\"contentUrl\":\"https:\\\/\\\/im-cybersec.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png\",\"width\":2000,\"height\":500},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/im-cybersec.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/#website\",\"url\":\"https:\\\/\\\/im-cybersec.com\\\/\",\"name\":\"IM CyberSec\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/im-cybersec.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"nl-NL\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/im-cybersec.com\\\/#\\\/schema\\\/person\\\/881cf8ee4594040f2ee1098fba22983c\",\"name\":\"anita.xd@yahoo.com\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"nl-NL\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/229e9beba15247a177ba258405a92e675b8a68f26f39e77887a63f4b4203c7a3?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/229e9beba15247a177ba258405a92e675b8a68f26f39e77887a63f4b4203c7a3?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/229e9beba15247a177ba258405a92e675b8a68f26f39e77887a63f4b4203c7a3?s=96&d=mm&r=g\",\"caption\":\"anita.xd@yahoo.com\"},\"sameAs\":[\"https:\\\/\\\/im-cybersec.com\"],\"url\":\"https:\\\/\\\/im-cybersec.com\\\/nl\\\/author\\\/anita-xdyahoo-com\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0 - IM CyberSec","description":"Okta: With employees, partners, and customers accessing applications from anywhere, organizations can no longer rely on traditional network-","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/im-cybersec.com\/nl\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/","og_locale":"nl_NL","og_type":"article","og_title":"Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0 - IM CyberSec","og_description":"Okta: With employees, partners, and customers accessing applications from anywhere, organizations can no longer rely on traditional network-","og_url":"https:\/\/im-cybersec.com\/nl\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/","og_site_name":"IM CyberSec","article_published_time":"2026-05-08T10:11:53+00:00","article_modified_time":"2026-05-08T10:13:00+00:00","og_image":[{"width":2000,"height":500,"url":"https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png","type":"image\/png"}],"author":"anita.xd@yahoo.com","twitter_card":"summary_large_image","twitter_misc":{"Geschreven door":"anita.xd@yahoo.com","Geschatte leestijd":"1 minuut"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/#article","isPartOf":{"@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/"},"author":{"name":"anita.xd@yahoo.com","@id":"https:\/\/im-cybersec.com\/#\/schema\/person\/881cf8ee4594040f2ee1098fba22983c"},"headline":"Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0","datePublished":"2026-05-08T10:11:53+00:00","dateModified":"2026-05-08T10:13:00+00:00","mainEntityOfPage":{"@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/"},"wordCount":710,"commentCount":0,"image":{"@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/#primaryimage"},"thumbnailUrl":"https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png","articleSection":["UEM"],"inLanguage":"nl-NL","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/","url":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/","name":"Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0 - IM CyberSec","isPartOf":{"@id":"https:\/\/im-cybersec.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/#primaryimage"},"image":{"@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/#primaryimage"},"thumbnailUrl":"https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png","datePublished":"2026-05-08T10:11:53+00:00","dateModified":"2026-05-08T10:13:00+00:00","author":{"@id":"https:\/\/im-cybersec.com\/#\/schema\/person\/881cf8ee4594040f2ee1098fba22983c"},"description":"Okta: With employees, partners, and customers accessing applications from anywhere, organizations can no longer rely on traditional network-","breadcrumb":{"@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/#breadcrumb"},"inLanguage":"nl-NL","potentialAction":[{"@type":"ReadAction","target":["https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/"]}]},{"@type":"ImageObject","inLanguage":"nl-NL","@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/#primaryimage","url":"https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png","contentUrl":"https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png","width":2000,"height":500},{"@type":"BreadcrumbList","@id":"https:\/\/im-cybersec.com\/prepared-for-the-expiration-of-the-secure-boot-windows-uefi-2011-ca\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/im-cybersec.com\/"},{"@type":"ListItem","position":2,"name":"Prepared for the\u00a0expiration\u00a0of the Secure Boot Windows UEFI 2011 CA?\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/im-cybersec.com\/#website","url":"https:\/\/im-cybersec.com\/","name":"IM CyberSec","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/im-cybersec.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"nl-NL"},{"@type":"Person","@id":"https:\/\/im-cybersec.com\/#\/schema\/person\/881cf8ee4594040f2ee1098fba22983c","name":"anita.xd@yahoo.com","image":{"@type":"ImageObject","inLanguage":"nl-NL","@id":"https:\/\/secure.gravatar.com\/avatar\/229e9beba15247a177ba258405a92e675b8a68f26f39e77887a63f4b4203c7a3?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/229e9beba15247a177ba258405a92e675b8a68f26f39e77887a63f4b4203c7a3?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/229e9beba15247a177ba258405a92e675b8a68f26f39e77887a63f4b4203c7a3?s=96&d=mm&r=g","caption":"anita.xd@yahoo.com"},"sameAs":["https:\/\/im-cybersec.com"],"url":"https:\/\/im-cybersec.com\/nl\/author\/anita-xdyahoo-com\/"}]}},"uagb_featured_image_src":{"full":["https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png",2000,500,false],"thumbnail":["https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-150x150.png",150,150,true],"medium":["https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-300x75.png",300,75,true],"medium_large":["https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-768x192.png",768,192,true],"large":["https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-1024x256.png",1024,256,true],"1536x1536":["https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-1536x384.png",1536,384,true],"2048x2048":["https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija.png",2000,500,false],"trp-custom-language-flag":["https:\/\/im-cybersec.com\/wp-content\/uploads\/2026\/05\/blog-baner-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-\u2013-kopija-18x5.png",18,5,true]},"uagb_author_info":{"display_name":"anita.xd@yahoo.com","author_link":"https:\/\/im-cybersec.com\/nl\/author\/anita-xdyahoo-com\/"},"uagb_comment_info":0,"uagb_excerpt":"Many system administrators may not yet be aware that the Certificate Authority (CA) used to sign the Windows Secure Boot\u00a0Loader\u00a0and the Secure Boot databases is set to expire shortly and must be replaced with a new one. There is a lot of information circulating online about this topic, but most of it is incomplete. Therefore,&hellip;","_links":{"self":[{"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/posts\/3550","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/comments?post=3550"}],"version-history":[{"count":2,"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/posts\/3550\/revisions"}],"predecessor-version":[{"id":3553,"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/posts\/3550\/revisions\/3553"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/media\/3551"}],"wp:attachment":[{"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/media?parent=3550"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/categories?post=3550"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/im-cybersec.com\/nl\/wp-json\/wp\/v2\/tags?post=3550"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}