I am wondering if there are any cases of registering a Secure Boot Mok for Exadata.

[dulgidulgi]

Hi everyone,

We are currently onboarding a customer who wants to back up their Oracle Exadata environment using Veeam Agent for Oracle Linux.

The customer's current OS is Oracle Linux 8.10, and Secure Boot is enabled on the Exadata database nodes. As part of the Veeam Agent deployment, we requested the customer to perform the MOK (Machine Owner Key) registration process to trust the Veeam kernel module (veeamsnap).

Since the system is in a pre-production/pre-go-live stage, a system reboot is perfectly fine. However, the customer is hesitant and has raised the following questions:

Are there any known performance issues, stability risks, or compatibility side effects on Exadata after registering a third-party MOK?

Is there any official reference or validated case where MOK registration was successfully applied specifically to an Exadata environment?

In our region, we haven't deployed Veeam Agent on an Exadata system with Secure Boot enabled yet, so we lack a direct local reference.

If anyone has experience with this specific setup (Exadata + OL8 + Secure Boot MOK) or can share official technical documentation regarding risks/best practices, your insights would be greatly appreciated.

Thank you in advance!

[rovshan.pashayev]

Hi Jung,

Here are two references that should help address your customer's concerns:
Veeam official guide for MOK Enrollment:
https://helpcenter.veeam.com/docs/agent ... tml?ver=13
Oracle's own documentation on adding keys using mokutil on Exadata:
https://docs.oracle.com/en/engineered-s ... B0E648E701

The fact that Oracle itself documents the MOK key enrollment process for Exadata systems is a strong indicator that it is a supported and expected operation on that platform.

That said, could you share any specific cases or concerns where MOK registration caused issues on Exadata? That would help us better analyze and address your customer's hesitation.