Microsoft Download Center Archive

Microsoft Surface Pro UEFI CA

  • Published:
  • Version: 1.0
  • Category: Tool
  • Language: English

Microsoft Surface Pro UEFI CA OEM PK Tool

  • Surface Pro and Surface Pro 2 systems currently do not include the Microsoft UEFI Certification Authority certificate in the system UEFI Secure Boot database. If present, this certificate would be in the Allowed Database (also referred to as “db”), enabling the execution of 3rd party UEFI applications and drivers that have been signed by the Microsoft UEFI CA. The tool bundled with this release enables the addition of the Microsoft UEFI Certification Authority certificate to the db. This tool is intended for use by IT professionals and advanced users who require the execution of 3rd party UEFI applications and drivers on a Secure Boot enabled system. Users of the tool should be familiar with the concepts of UEFI, Secure Boot, and BitLocker.

Files

Status: Live

This download is still available on microsoft.com. The downloads below will come directly from the Microsoft Download Center.

FileSize
OEM_PK_Surface.zip
SHA1: 2f3b5673be4140e493c56fb575cd29e2a157c744
399 KB

File sizes and hashes are retrieved from the Wayback Machine’s indexes. They may not match the latest versions of files hosted on Microsoft servers.

System Requirements

Operating Systems: Windows 8, Windows 8 Enterprise, Windows 8 Pro, Windows 8.1

  • Surface ProSurface Pro 2

Installation Instructions

  • This tool performs the following operations on the system: 1. Adds the Microsoft UEFI Certification Authority certificate to the Allowed Database ‘db’. Keys that are currently provisioned in the db will not be affected by this step. 2. Updates the Revoked Signatures Database ‘dbx’ with the most recent UEFI revoked signatures list. This step enhances the security of the system by denying Secure Boot to components which are signed with a compromised certificate.Please refer to the documentation bundled with this release prior to use of the tool.