Hi @xgame,

Welcome to the HP Support Community! 

Thanks for reaching out about your query regarding restoring secure boot keys on the HP Omen 40L Desktop!

We're thrilled to have the opportunity to assist you and provide a solution.

Try these steps:

Access BIOS Setup

1. Enter BIOS:
   • Restart your HP Omen 40L desktop. While the computer is restarting, press Esc repeatedly until the Startup Menu appears.
   • Press F10 to enter the BIOS Setup.

Reset Secure Boot Keys

Navigate to Secure Boot Settings:

• In the BIOS Setup, go to Security -> Secure Boot Configuration.

Restore Factory Keys:

• Look for an option that says Restore Factory Keys or Install Default Secure Boot Keys and select it.

Perform BIOS Update

Download BIOS Update:

• Visit the HP Support Website and enter your HP Omen 40L desktop model number to find the latest BIOS update available for your system.

Update BIOS:

• Download and install the BIOS update following the instructions provided. This may restore the Secure Boot keys.

BIOS Recovery Method

If the standard BIOS update does not restore Secure Boot keys, perform a BIOS recovery:

Create BIOS Recovery USB Drive:

• Use another computer to download the BIOS recovery files from the HP website. Follow instructions to create a BIOS recovery USB drive.

Initiate BIOS Recovery:

• Plug the BIOS recovery USB drive into your HP Omen 40L desktop.
• Turn off the desktop, then press and hold the Windows key + B while also pressing Power until the BIOS recovery screen appears.
• Follow the prompts to recover the BIOS.

I hope this helps.

I'm glad I could help! 😊 If this resolved your issue, please mark it as "Accepted Solution" and click "Yes" on "Was this reply helpful?" Your feedback not only keeps us going but also helps others find the solution faster! 👍✨

Take care and have an amazing day ahead! 🚀

Best regards,

I tried all of these steps but it just doesn't seem to work for some reason. Is there another way to get the keys? 

Hi @xgame,

Thank you for confirming you’ve already tried the usual BIOS menu restore, update, and recovery steps. Let’s try a more advanced approach to attempt restoring Secure Boot keys on your HP Omen 40L.

Below is how you can manually reload the default Secure Boot keys (if the BIOS supports it) or re-flash the BIOS with default factory settings in a deeper way.

Double-check the BIOS for Manual Key Restore

Boot into BIOS (Esc repeatedly → F10).

Navigate to Security → Secure Boot Configuration.

Check for all possible sub-options:

Restore Factory Keys

Install Default Keys

Key Management

Clear Secure Boot Keys

If you see Key Management or Custom Mode, switch to Standard or Default, then select Restore Factory Keys.

If these options are greyed out, look for an option to Enable Secure Boot first, sometimes the “Restore Factory Keys” option only activates when Secure Boot is set to Enabled.

Use HP BIOS Configuration Utility (BCU)

On a working PC, download HP BIOS Configuration Utility:
HP BCU Download Page

Create a USB stick with the BCU.

Boot your Omen to Windows or WinPE.
Open Command Prompt as Administrator.

Use the following command to attempt to reset Secure Boot keys:

BiosConfigUtility64.exe /SetConfig:"restore_defaults.txt" 

(Your .txt file should contain the RestoreFactoryKeys command, you can find examples in the BCU documentation.)

Full BIOS Recovery (Forced)

If the keys still won’t come back, a forced recovery might help:

Create a BIOS Recovery USB using the exact same version or newer BIOS from HP’s site.

Format a USB to FAT32, run the downloaded BIOS .exe on another PC, and select Create Recovery USB.

Insert the USB → Turn PC off → Hold Windows + B → Tap Power → Keep holding until recovery starts.

Let it fully re-flash the BIOS ROM.

I hope this helps.

I'm glad I could help! 😊 If this resolved your issue, please mark it as "Accepted Solution" and click "Yes" on "Was this reply helpful?" Your feedback not only keeps us going but also helps others find the solution faster! 👍✨

Take care and have an amazing day ahead! 🚀

Best regards,

When I try to manually restore the keys, they don't work. Secure boot is grayed out until I press "Restore HP Default Keys" after that I can turn it on but once I save and exit bios, It grays out and turns off again. I have tried to flash the bios using an external usb and it did not fix the problem. I am trying to do the BCU method but cmd won't let me run the command you gave me. 

Hi @xgame,

Thank you for the update.

Let’s tackle this carefully since you’ve already tried almost everything.
When Secure Boot stays greyed out even after restoring keys and persists through re-flash, it usually means:

Here’s what you can still try step by step, with clear detail:

Make sure you’re in UEFI mode

Check Boot Mode:

Boot to BIOS → Advanced / Boot Options → Boot Mode

Confirm it’s set to UEFI (not Legacy).

Secure Boot only works in UEFI. If it’s Legacy, switch to UEFI, save, reboot → Then try “Restore HP Default Keys”.

Fully clear CMOS & BIOS NVRAM

This resets the BIOS chips completely, more than BIOS “Load Defaults”.

Shut down & unplug power cord.

Hold down the Power button for 15–20 sec (discharges capacitors).

Open the side panel, find the CMOS battery (coin cell), remove it for 5–10 minutes.

If there’s a clear CMOS jumper near the battery, short it according to your manual (or touch pins with a screwdriver for 10–15 sec).

Re-insert the battery, plug power, boot → Enter BIOS → Restore Factory Keys again.

Confirm the Platform Key (PK) actually writes

Secure Boot uses 4 key types: PK, KEK, DB, DBX.
Some BIOS show each key slot in Key Management.
Make sure:

Platform Key (PK) → Installed

Key Exchange Key (KEK) → Installed

DB (Signature Database) → Installed

DBX (Revocation Database) → Installed

If PK is empty or custom, Secure Boot can’t stay enabled.

I hope this helps.

I'm glad I could help! 😊 If this resolved your issue, please mark it as "Accepted Solution" and click "Yes" on "Was this reply helpful?" Your feedback not only keeps us going but also helps others find the solution faster! 👍✨

Take care and have an amazing day ahead! 🚀

Best regards,