1 files changed, 1 insertions, 1 deletions
diff --git a/meta-integrity/recipes-core/initrdscripts/files/init.ima b/meta-integrity/recipes-core/initrdscripts/files/init.ima
index 5d12945..6cd7c88 100755
--- a/meta-integrity/recipes-core/initrdscripts/files/init.ima
+++ b/meta-integrity/recipes-core/initrdscripts/files/init.ima
@@ -100,7 +100,7 @@ keyring_id=0x`grep '\skeyring\s*\.ima: ' "${ROOT_DIR}/proc/keys" | awk '{ print
 # The trusted IMA certificate /etc/keys/x509_evm.der in initramfs was
 # automatically loaded by kernel already. Here is the opportunity to load
 # a custom IMA certificate from the real rootfs.
-for cert in ${ROOT_DIR}/etc/keys/x509_evm*.crt; do
+for cert in ${ROOT_DIR}/etc/keys/x509_evm*.der; do
    [ ! -s "$cert" ] && continue
    if ! evmctl import "$cert" "$keyring_id" >"${ROOT_DIR}/dev/null"; then

diff --git a/meta-integrity/recipes-core/initrdscripts/files/init.ima b/meta-integrity/recipes-core/initrdscripts/files/init.ima index 5d12945..6cd7c88 100755 --- a/meta-integrity/recipes-core/initrdscripts/files/init.ima +++ b/meta-integrity/recipes-core/initrdscripts/files/init.ima
@@ -100,7 +100,7 @@ keyring_id=0x`grep '\skeyring\s*\.ima: ' "${ROOT_DIR}/proc/keys" \| awk '{ print
100	# The trusted IMA certificate /etc/keys/x509_evm.der in initramfs was	100	# The trusted IMA certificate /etc/keys/x509_evm.der in initramfs was
101	# automatically loaded by kernel already. Here is the opportunity to load	101	# automatically loaded by kernel already. Here is the opportunity to load
102	# a custom IMA certificate from the real rootfs.	102	# a custom IMA certificate from the real rootfs.
103	for cert in ${ROOT_DIR}/etc/keys/x509_evm*.crt; do	103	for cert in ${ROOT_DIR}/etc/keys/x509_evm*.der; do
104	[ ! -s "$cert" ] && continue	104	[ ! -s "$cert" ] && continue
105		105
106	if ! evmctl import "$cert" "$keyring_id" >"${ROOT_DIR}/dev/null"; then	106	if ! evmctl import "$cert" "$keyring_id" >"${ROOT_DIR}/dev/null"; then