Are there any guidelines for creating and subsequently deploying OVAs with UEFI secure boot enabled and that include the guest's NVRAM file in the OVA?
I've hit a few issues deploying OVAs that have secure boot enabled such as:
- Upon import of an OVA in vSphere I get errors such as: Details: - 249:7:VALUE_ILLEGAL: vmw:ExtraConfig element ''nvram''
- When deploying OVAs set to use secure boot and EFI but do not include an NVRAM file, I'll see it occasionally boot up to a secure boot security violation but if I then go and disable and re-enable UEFI secure boot in the guest's settings, I'm able to boot.
I'm running ESXi 6.7 build 8170161 and using vSphere Client 6.7.