If you look at the Rocky Linux 8.5 release notes you will be glad to find out that secure boot is now supported since the Rocky Linux shim has now been signed by Microsoft. @denisp your problem should now be solved, would you be willing to try again and see if it now works please?
@FromOZ Microsoft primarily gets that power because the manufacturers of hardware choose to give it to them. Whichever keys get included in the BIOS of a motherboard are the ones that then work and currently that’s only Microsoft’s key on most things people buy. This remains a problem for systems like FreeBSD. At the heart of this, though, is the choice people make to buy Microsoft Windows hardware when they want to run Linux.
I think it’s fair to say, though, that Microsoft is actually providing pretty good service here. The whole aim is to prevent crackers from breaking things, so they can’t just instantly hand out keys to anyone. That we’ve already got everything working despite being such a new distribution is pretty reasonable.
Much more worrying is new hardware which comes with closed device drivers and/or binary blobs. At any point there might be a critical security vulnerability which those companies aren’t willing to fix. A case in point being today’s BIOS vulnerabilities which nobody will know how to fix if their motherboard is no longer being supported.
Key lesson: If you buy new hardware, buy only hardware which has explicit Linux support and open source drivers. The list above will be a good start.