Ok, I recognize that since starting HRT, I have reclaimed Bitch Mode, (estrogen, my old friend, how I've missed you), and I am crankier than advertised. So, perhaps my morning of aggravation is not so severe that it requires me to call in tactical airstrikes on #Dell and #Microsoft...but it just might.

Back in 2011, #UEFI Secure Boot, a mechanism for verifying PC bootloaders to ensure that unverified software can’t be loaded at startup, was added to #Windows. It became a formal system requirement for installing Windows starting with Windows 11 in 2021.

#SecureBoot has relied on the same security certificates to verify bootloaders since 2011. But those original certificates are set to expire today, 06/24/2026.

1/

Because I am a slacker, I didn't really think much about it. I ran a #powershell command to check that I had the new certificates, and it came back "True"...so...golden, right? Ooooooh, but no.

(PowerShell command to check cert: run it as an Administrator, and type

([System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match 'Windows UEFI CA 2023')

If True, you have updated certs. )

But...just because you have new certificates DOES NOT MEAN THEY ARE INSTALLED.

The second thing to check is the “default db,” which shows whether the new #SecureBoot certificates are baked into your PC’s firmware.

#PowerShell command:
([System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI dbdefault).bytes) -match 'Windows UEFI CA 2023')

If this command returns “true,” your system is running an updated BIOS with the new Secure Boot certificates built in. Older PCs and systems without a #BIOS update installed will return “false” here.

2/

So, I got True on option 1, and false on option 2. And thus began a morning of frustration.

I flashed my BIOS more times than an OnlyFans camboi flashes daddy. I updated my IO drivers, my video drivers, my firmware drivers, all in a vain attempt to get this silly old box to accept the new certificates.

Fail, time after time. Finally went old school, working directly at the BIOS level, watching what was happening.

It failed because the chip needs 64k more memory than it has. A molecule of memory. This insanely powerful box, even though it's old, is kneecapped by 64k of missing memory in a component part that cannot be replaced.

Yeah...I don't think tactical airstrikes are an overreaction.

3/3
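
The two checks from the thread combined into one script, as an added example that is not part of the original posts: it reads both db and dbdefault, handles the cases where the variables cannot be read, and reports which combination the machine is in. The function name Test-UefiVarForCert and the output wording are made up for illustration; the certificate string is the one quoted in the thread.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
# Assumption: a name substring match is sufficient, as in the one-liners above;
# the EFI signature list is not parsed and certificates are not validated.
$CertName = 'Windows UEFI CA 2023'   # string taken from the thread

function Test-UefiVarForCert {
    param([string]$VarName, [string]$Name)
    try {
        $var = Get-SecureBootUEFI -Name $VarName -ErrorAction Stop
    } catch {
        # Raised on legacy-BIOS boots, non-elevated sessions, or an unset variable
        return [pscustomobject]@{ Variable = $VarName; Readable = $false
                                  HasCert = $false; Detail = $_.Exception.Message }
    }
    if (-not $var -or -not $var.Bytes) {
        return [pscustomobject]@{ Variable = $VarName; Readable = $true
                                  HasCert = $false; Detail = 'variable is empty' }
    }
    $text = [System.Text.Encoding]::ASCII.GetString($var.Bytes)
    [pscustomobject]@{ Variable = $VarName; Readable = $true
                       HasCert  = ($text -match [regex]::Escape($Name))
                       Detail   = "$($var.Bytes.Length) bytes" }
}

$results = 'db', 'dbdefault' | ForEach-Object {
    Test-UefiVarForCert -VarName $_ -Name $CertName
}
$results | Format-Table -AutoSize

# Secure Boot state itself; the cmdlet throws on platforms without UEFI
try { $enabled = Confirm-SecureBootUEFI -ErrorAction Stop } catch { $enabled = $null }
$state = if ($null -eq $enabled) { 'unknown' } else { "$enabled" }
"Secure Boot enabled: $state"

$db  = $results | Where-Object Variable -eq 'db'
$def = $results | Where-Object Variable -eq 'dbdefault'
if (-not $db.Readable) {
    "Cannot read db: $($db.Detail)"
} elseif ($db.HasCert -and $def.HasCert) {
    "'$CertName' is in the active db and in the firmware defaults."
} elseif ($db.HasCert) {
    "'$CertName' is in the active db only; firmware defaults lack it (the True/False case from the thread)."
} else {
    "'$CertName' is not in the active db."
}
```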

@MissConstrue ruh roh, better rewrite your BIOS and hard code the certificate in. /s

Meanwhile, my mobo shipped with AMI FACTORY KEY DO NOT TRUST.pki

good luck with that.

@MissConstrue don't have to worry about secure BIOS if BIOS settings won't load due to fried embedded controller and haunted PCI and DMI mappings preserved in software memory only. Ultra secure because the second anyone tampers with anything, the system never boots again.