Thanks Andrew / Sivaraman for the guidance. Definitely good places for me to start. Thanks Rafael Em dom., 28 de ago. de 2022 às 08:25, Sivaraman Nainar escreveu: > Hello Rafael. > > > > HttpBootCheckUriScheme() in HttpBootDxe\HttpBootSupport.c should be the > right place to filter the URI. > > > > Please give a try. > > > > -Siva > > *From:* devel@edk2.groups.io * On Behalf Of *Rafael > Machado via groups.io > *Sent:* Friday, August 26, 2022 7:46 PM > *To:* devel@edk2.groups.io > *Subject:* [EXTERNAL] [edk2-devel] How to restrict HTTPS boot to a single > address > > > > > > ***CAUTION:* The e-mail below is from an external source. Please exercise > caution before opening attachments, clicking links, or following > guidance.** > > Hello everyone. > > > > Quick question for the ones that understand better the HTTPBoot > architecture at the edk2 structure. > > > > Suppose I have to restrict HTTPS boot to accept only the download of > images from a specific url. > > For example, instead of allowing the download of images from any valid CA > certificate address, I would like to restrict HTTPSBoot to allow only > downloads from some specific domain I have. > > > > Probably filtering some information, CN or something like that, from the > url certificate. > > > > What is the best way to do that? > > In which driver/library should this logic be added? > > > > Thanks > > Rafael > > > -The information contained in this message may be confidential and > proprietary to American Megatrends (AMI). This communication is intended to > be read only by the individual or entity to whom it is addressed or by > their designee. If the reader of this message is not the intended > recipient, you are on notice that any distribution of this message, in any > form, is strictly prohibited. Please promptly notify the sender by reply > e-mail or by telephone at 770-246-8600, and then delete or destroy all > copies of the transmission. >