Note: This isn't supported on devices with a 32bit bootloader!
Note: You will need an USB stick for this method.
I wrote this guide since the meegopad bootloader has the same problem as the acer bootloader
and gets into an automatic repair loop just like on acer devices.
First thing you'll need is ofcourse VeraCrypt wich is available here.
Second, you'll need the certificates:
Note that the link is version specific, so if you are using a higher version
you'll need the edit the link according to the veracrypt version.
(In my test i've used v.1.21)
On the github page press the "Clone or Download" button and select Download ZIP.
It will download a ZIP file to your device, now go to the folder where you have saved it .
Extract the ZIP file and browse to ( ../src/Boot/EFI ) and copy the certs folder to your USB.
Install VeraCrypt and follow the instructions as normally.
Note: now its important that your system doesn't shutdown, it may restart, but no cold boot.
If it shutsdown after the pre-test, just press it on, no big deal.
After the pre-test your system will boot back into the system for the actual
encryption procedure, as usual, don't shutdown your computer.
When finished, in windows 10 settings go to:
update & security > Recovery > Advanced startup > Restart now
When restarted in the options menu, choose the following options:
Troubleshoot > Advanced options > UEFI Firmware Settings
And press "Restart"
When the device has loaded into the UEFI Firmware settings go to the "Security" tab
Select "Secure Boot Menu" and set the option "secure boot" to Enabled (if not enabled by default)
And "Secure Boot Mode" to "Custom"
Now go to "Key Management" and select "Delete all Secure Boot Variables" (Important!)
Okay, so now we are going to import the certificates (Finally)
The First certificate we're going to import is for (from the usb, part 1)
the "Platform Key(PK)" select that option and select "Set New Key"
If it asks to load factory default keys, select "No".
It will ask where the look for the certs (storage), select your USB device.
you'll just have to find out wich device it is...
So, on your USB device, select the Certs folder (from part 1) and select the "DCS_platform" cert.
Now it will give you 2 options, select the "Public Key Certificate" option and hit enter.
Bam!! one down, 4 to go! XD
To install the next certificate, select "Key Exchange Keys"
Just like the previous steps, set new key, browse to the certs folder on your USB and select the
"DCS_key_exchange" certificate, and again, select "Public Key Certificate"
The next 3 certificates are simple as pie, select "Authorized Signatures"
For the first one select "Set New Key" and in the Certs folder select the "DCS_Sign" certificate.
And select "Public Key Certificate"
For the next 2 certificates:
"MicCorUEFCA2011_2011-06-27" and "MicWinProPCA2011_2011-10-19"
Select "Authorized Signatures" and select "Append Key"
Select your usb device and select the above certificates, you have to append them seperately since you can't select 2 files at once.
And finally select "Public Key Certificate"
And now you're finally done