# [SOLVED] Certs Error During Make

## AlphaXeos

When im compiling my kernel with make it gives me a certs signing key error. See image for details 

http://m.imgur.com/59y2yVFLast edited by AlphaXeos on Fri Oct 07, 2016 7:26 pm; edited 1 time in total

----------

## fedeliallalinea

You have activate "Module signature verification" in kernel?

Post output of 

```
$ grep MODULE_SIG /usr/src/linux/.config
```

----------

## AlphaXeos

```
#

# GCOV-based kernel profiling

#

# CONFIG_GCOV_KERNEL is not set

CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y

# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set

CONFIG_SLABINFO=y

CONFIG_RT_MUTEXES=y

CONFIG_BASE_SMALL=0

CONFIG_MODULES=y

CONFIG_MODULE_FORCE_LOAD=y

CONFIG_MODULE_UNLOAD=y

# CONFIG_MODULE_FORCE_UNLOAD is not set

CONFIG_MODVERSIONS=y

CONFIG_MODULE_SRCVERSION_ALL=y

CONFIG_MODULE_SIG=y

# CONFIG_MODULE_SIG_FORCE is not set

CONFIG_MODULE_SIG_ALL=y

CONFIG_MODULE_SIG_SHA1=y

# CONFIG_MODULE_SIG_SHA224 is not set

# CONFIG_MODULE_SIG_SHA256 is not set

# CONFIG_MODULE_SIG_SHA384 is not set

# CONFIG_MODULE_SIG_SHA512 is not set

CONFIG_MODULE_SIG_HASH="sha1"

# CONFIG_MODULE_COMPRESS is not set

CONFIG_MODULES_TREE_LOOKUP=y

CONFIG_BLOCK=y

CONFIG_BLK_DEV_BSG=y

CONFIG_BLK_DEV_BSGLIB=y

CONFIG_BLK_DEV_INTEGRITY=y

CONFIG_BLK_DEV_THROTTLING=y

# CONFIG_BLK_CMDLINE_PARSER is not set
```

----------

## Ant P.

I assume you know what you're doing and have the required amount of crypto expertise, which is in effect what you've declared by turning on that non-default config option.

Here's your required reading material, good luck:

- The help text for CONFIG_MODULE_SIG

- linux/Documentation/module-signing.txt

- https://wiki.gentoo.org/wiki/Signed_kernel_module_support

----------

## AlphaXeos

 *Ant P. wrote:*   

> I assume you know what you're doing and have the required amount of crypto expertise, which is in effect what you've declared by turning on that non-default config option.
> 
> Here's your required reading material, good luck:
> 
> - The help text for CONFIG_MODULE_SIG
> ...

 

I wasn't aware that i had a non-default config option set. Could you point me in the right direction? thanks

----------

## Tony0945

 *AlphaXeos wrote:*   

> I wasn't aware that i had a non-default config option set. Could you point me in the right direction? thanks

 

```
X3 ~ #  grep MODULE_SIG /usr/src/linux/.config

# CONFIG_MODULE_SIG is not set

```

Never had a problem. Just run "make menuconfig" and turn that option off. To do that:

1. enable loadable module support (on the first screen)

2. press enter to follow the arrow.

3. disable  "Module signature verification"

I got this by typing "/config_module_sig" while in menuconfig. Yes, it's case insensitive and the "config_" isn't really necessary. "/module_sig" works as well.

I learned that from this forum.

----------

## AlphaXeos

 *Tony0945 wrote:*   

>  *AlphaXeos wrote:*   I wasn't aware that i had a non-default config option set. Could you point me in the right direction? thanks 
> 
> ```
> X3 ~ #  grep MODULE_SIG /usr/src/linux/.config
> 
> ...

 

Thanks for the help! 

Got it working successfully

----------

