The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

Event ID 1797, The Secure Boot DBX Update Failed

Download Windows Speedup Tool to fix errors and make PC run faster

If you receive Event ID 1797 in the Event log on your Windows 11/10 computer, this post will help you understand the cause, reason, and possible resolution.

Fix Event ID 1797 DBX Update Failed

What causes Event ID 1797 In Windows?

The Windows UEFI CA 2023 certificate and the Microsoft Windows Production PCA 2011 certificate are two essential certificates required to ensure a Secure Boot into your PC.

When the computer is unable to find the Windows UEFI CA 2023 certificate during Windows startup, Event ID 1797 occurs, causing issues with Windows startup and security compatibility.

What does The Event ID 1797 mean?

Event ID 1797 means that the Windows UEFI CA 2023 certificate is missing from your PC, which makes Windows intentionally fail to update other forbidden DBX updates. The update fails because the computer can at least trust one certificate to boot up securely.

While this does not immediately affect your PC, it is a security issue, meaning your PC is vulnerable to threats. Having the DBX updated to the latest version and the UEFI CA 2023 certificate will only enhance your PC’s overall security.

Fix Event ID 1797 The Secure Boot DBX Update Failed

Event ID 1797 occurs because your PC lacks the Windows UEFI CA 2023 certificate. You must deploy a DB update using the Registry Editor and verify it using Powershell.

  • Open the Registry Editor.
  • Now, in the Registry Editor, navigate to the following path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot
  • Find the entry titled AvailableUpdates and double-click it.
  • Now, change the Value Data to 0x40 and save it.

Update to Windows UEFI CA 2023 certificate through Registry Editor

Reboot your PC to apply the DB update. To verify the DB, follow these steps:

[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match 'Windows UEFI CA 2023'
  • If the command returns True, then the update was successful; if it returns False, try restarting your PC again to ensure that the DB update is applied.

Verify Windows UEFI CA 2023 update using Powershell

Additionally, ensure that all the firmware updates are installed and that your PC runs the latest version.

We hope that you found the article helpful and were able to fix the Event ID 1797.

Read: Event ID 1798: The Secure Boot DBX update failed to revoke Microsoft Windows Production PCA.

AshishMohta@TWC

Ashish holds a Bachelor's in Computer Engineering and is a veteran Windows. He has been a Microsoft MVP (2008-2010) and excels in writing tutorials to improve the day-to-day experience with your devices.