Secure Boot - Do Beelinks Have Unique Platform Keys?

wsanders

Does every Beelink PC have a unique Platform Key (PK)? The PK on my 6600H is:

Signature 0, size 834, owner 26dc4851-195f-4ae1-9a19-fbf883bbb35e
Subject:
CN=DO NOT TRUST - AMI Test PK
Issuer:
CN=DO NOT TRUST - AMI Test PK

Although a unique PK for each device could increase the effectiveness of Secure Boot (because Beelink would not know my PK if I created a new one), I have a suspicion that the PK may be used by Beelink to generate a Windows 11 activation key in the event a customer needs to reinstall Windows 11. Is this correct?

I am not a Secure Boot expert, but as I understand it, I can replace the PK with a custom one and it won’t affect my Windows 11 or Fedora dual boot installation, since neither OS uses the PK. However, I am not tempted to change it since I don’t think there is any scenario in which the PK would be used except for a Windows 11 reinstallation.

support7

The Platform Key in the BIOS is unique, but it is not the basis for generating keys. Our keys are embedded in the system, not in the BIOS. This PK is different from the Windows activation key.