Use Yast Software manager to remove and immediately reinstall the openSUSE-signkey-cert package.
Do not reboot beforere installing it. this will reinstall the same certificate - in this case, /etc/uefi/certs/1F673297-kmp.crt
Reboot. A text menu will appear for a short time before the system starts to load, use the keyboard arrows to select Enroll Keys, chose Enroll Keys again (or something very similar, I’m quoting from memory) and enter your root password when asked.
If the system continues to boot before you start to enroll the keys you’ll need to go back to step 1, perhaps disabling secure boot first.
And, it’s the “1F673297-kmp.crt” which is causing the problem.
But, on this (quite new) machine with graphics as shown below, quite often at reboot, the screen doesn’t respond within the few seconds which MokUtil “blue screen” allows at boot time – no MokUtil “blue screen” visible at reboot – only an empty black screen before the openSUSE splash appears …
Therefore, what I’ve found to be fairly reliable is, to Power Off and then, Power On rather than simply reboot – the screen and HDMI interface then have enough time to display the MokUtil “blue screen” …
And, my other problem – my Root password has extended European characters and, I use a German (QWERTZ) keyboard – the MokUtil “blue screen” expects a US keyboard layout (QWERTY) …
Therefore, I tend to use MokUtil to manually manage the Keys with another password which uses keys which are mapped identically between QWERTZ and QWERTY …
For me it is the other way around. If I power off the monitor goes on stand-by, and takes 3-4 secs to come up again, giving me little time to see/interact with the mok menu.
Huh? All VirtualBox modules provided by openSUSE are signed.The subject of this thread is totally misleading because OP describes not how to “re-sign modules” but how to enroll existing certificate to allow **existing **signature verification. Modules themselves are not touched by this procedure.