CONFIG_TFM_KEY_FILE_NS

Path to private key used to sign non-secure firmware images.

Type: string

Help

The path and filename for the .pem file containing the private key that should be used by the BL2 bootloader when signing non-secure firmware images.

Direct dependencies

BUILD_WITH_TFM && BUILD_WITH_TFM

(Includes any dependencies from ifs and menus.)

Default

  • “/home/runner/work/sdk-nrf/sdk-nrf/ncs/zephyr/../modules/tee/tfm/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem”

Kconfig definition

At <Zephyr>/modules/Kconfig.tfm:65

Included via <Zephyr>/Kconfig:8<Zephyr>/Kconfig.zephyr:23<Zephyr>/modules/Kconfig:32

Menu path: (Top) → Modules → Build with TF-M as the Secure Execution Environment

config TFM_KEY_FILE_NS
    string "Path to private key used to sign non-secure firmware images."
    default "/home/runner/work/sdk-nrf/sdk-nrf/ncs/zephyr/../modules/tee/tfm/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem"
    depends on BUILD_WITH_TFM && BUILD_WITH_TFM
    help
      The path and filename for the .pem file containing the private key
      that should be used by the BL2 bootloader when signing non-secure
      firmware images.

(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)