secure-boot not working on asrock X99 taichi

I was not able to boot the installer media (USB) with secure boot enabled in my uefi firmware. With secure boot disabled all is working fine.
I saw that opensuse use shim as secure boot loader, which is signed (also) with the microsft key so to be recognized by uefi bios. I’m sure my uefi bios is working becouse i was able to boot a microsoft genuine usb installation media with secure boot enabled, but with opensuse shim i can’t boot in anyway.

The motherboard is an ASRock X99 taichi. Someone else has had any similar experience?

My hypothesis is to be in the case described here in the section “Booting the Machine that supports only one signature with vendor provided Keys”

Thank you all.

Yes, very likely.

You can test that hypothesis by following the directions in that linked documentation.

I had that problem in a Lenovo ThinkServer. And the suggested work around worked fine. However, I found it more convenient to leave secure-boot disabled. A later BIOS update fixed the issue on that computer. So now I usually have secure-boot enabled – except when testing a distro that does not support secure-boot.