:orphan:

.. title:: TFM_KEY_FILE_NS

.. option:: CONFIG_TFM_KEY_FILE_NS

*Path to private key used to sign non-secure firmware images.*

Type: ``string``

Help
====

The path and filename for the .pem file containing the private key
that should be used by the BL2 bootloader when signing non-secure
firmware images.

Direct dependencies
===================

\ :option:`BUILD_WITH_TFM <CONFIG_BUILD_WITH_TFM>` && \ :option:`BUILD_WITH_TFM <CONFIG_BUILD_WITH_TFM>`

*(Includes any dependencies from ifs and menus.)*

Default
=======

- "/home/runner/work/bridle/bridle/workspace/zephyr/../modules/tee/tfm/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem"

Kconfig definition
==================

.. highlight:: kconfig

At ``modules/Kconfig.tfm:54``

Included via ``Kconfig:8`` → ``Kconfig.zephyr:23`` → ``modules/Kconfig:32``

Menu path: (Top) → Modules → Build with TF-M as the Secure Execution Environment

.. parsed-literal::

    config TFM_KEY_FILE_NS
    	string "Path to private key used to sign non-secure firmware images."
    	default "/home/runner/work/bridle/bridle/workspace/zephyr/../modules/tee/tfm/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem"
    	depends on \ :option:`BUILD_WITH_TFM <CONFIG_BUILD_WITH_TFM>` && \ :option:`BUILD_WITH_TFM <CONFIG_BUILD_WITH_TFM>`
    	help
    	  The path and filename for the .pem file containing the private key
    	  that should be used by the BL2 bootloader when signing non-secure
    	  firmware images.

*(The 'depends on' condition includes propagated dependencies from ifs and menus.)*