RPS Building iPXE ROMs

This guide shows how to configure an iPXE ROM with the specific options/features needed to be used within RPS.

Process Overview

The following steps are required to build a iPXE ROM that is trusted by the RPS root certificate:

iPXE source
Admin Workstation
Linux workstation such as Ubuntu OR WSL (Windows Subsystem for Linux)
Linux packages
GCC
binutils
make
syslinux (required for building ISOs)
genisoimage (required for building ISOs)
liblzma
RPS public root certificate, Base64 encoded

Note
Most of the tools required to build an iPXE ROM are Linux based and can only be executed from Bash (Unix Shell). However, a Unix operating system is not required. The process in this document has been completed leveraging WSL (Windows Subsystem for Linux). WSL is available on a machine running 64-bit version of Windows 10 Anniversary Update build 14393 or later. If the development machine that the ROM is being built from does not have the required prerequisites an internet connection will be required to install them.

Navigate to the directory the source will be downloaded to and clone iPXE repository: git clone git://git.ipxe.org/ipxe.git
After source is downloaded navigate to ipxe/src: cd ipxe/src
To build a ROM that trusts the RPS root certificate run the following:
```
make bin-x86_64-efi/ipxe.efi TRUST=<path to certificate> CERT=<path to certificate>
```
b. Here is an example of building an iPXE, EFI compatible, ROM with the RPS certificate in the local folder.
```
make bin-x86_64-efi/ipxe.efi TRUST=RPSbase64Ca.cer CERT=RPSbase64Ca.cer
```
Note
The ROM will be in the bin-x86_64-efi folder.

All the examples are executed from the ipxe/src folder.

Create an iPXE bootable ISO that trust the RPS root cert

make bin/ipxe.iso TRUST=RPSbase64Ca.cer CERT=RPSbase64Ca.