Recent kernels signs their modules with an autogenerated key at compilation time, which is configured with a genkey file. If that file doesn’t exist, it will also be autogenerated.
dmesg | grep cert
shows basic certificate info, more details with
sudo cat /proc/keys.
It just says “autogenerated kernel key” on Manjaro 4.19.
However, you can provide a genkey file with customised info.
The file should be put in
$srcdir/certs/x509.genkey, it would look like this.
[ req ] default_bits = 4096 distinguished_name = req_distinguished_name prompt = no string_mask = utf8only x509_extensions = myexts [ req_distinguished_name ] O = <Organisation> CN = <Comment> emailAddress = <email@example.com> [ myexts ] basicConstraints=critical,CA:FALSE keyUsage=digitalSignature subjectKeyIdentifier=hash authorityKeyIdentifier=keyid
My suggestion is to change the info in req_distinguished_name to something like “Manjaro”.
Low priority obviously
add link to kernel documentation:
It is strongly recommended that you provide your own x509.genkey file.