:orphan:

.. title:: TFM_KEY_FILE_NS

.. option:: CONFIG_TFM_KEY_FILE_NS

*Path to private key used to sign non-secure firmware images.*

Type: ``string``

Help
====

.. code-block:: none

    The path and filename for the .pem file containing the private key
    that should be used by the BL2 bootloader when signing non-secure
    firmware images.

Direct dependencies
===================

\ :option:`BUILD_WITH_TFM <CONFIG_BUILD_WITH_TFM>` && \ :option:`BUILD_WITH_TFM <CONFIG_BUILD_WITH_TFM>` && 0

*(Includes any dependencies from ifs and menus.)*

Default
=======

- "/home/runner/work/bridle/bridle/workspace/zephyr/../modules/tee/tfm/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem"

Kconfig definition
==================



At ``<External Modules>/trusted-firmware-m/Kconfig:62``

Included via ``Kconfig:8`` → ``Kconfig.zephyr:23`` → ``<External Modules>/Kconfig:66``

Menu path: (Top) → Modules → Build with TF-M as the Secure Execution Environment

.. code-block:: kconfig

    config TFM_KEY_FILE_NS
    	string "Path to private key used to sign non-secure firmware images."
    	default "/home/runner/work/bridle/bridle/workspace/zephyr/../modules/tee/tfm/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem"
    	depends on BUILD_WITH_TFM && BUILD_WITH_TFM && 0
    	help
    	  The path and filename for the .pem file containing the private key
    	  that should be used by the BL2 bootloader when signing non-secure
    	  firmware images.

*(The 'depends on' condition includes propagated dependencies from ifs and menus.)*