While attempting to install the latest build of CentOS on my Windows 10 laptop running Hyper-V, I hit a wall. An error was displayed telling me the hash and certificate weren't allowed.
Background: I chose to use the "Generation 2" version of they Hyper-V vm with the UEFI.
The workaroud is to disable the "Secure Boot" option in the settings screen.
Alternatively, the "Secure Boot" selection can be changed to "Microsoft UEFI Certificate Authority." This selection should work for the majority of Linux distributions according to Microsoft. In my case, it worked with the CentOS-7-x86_64-DVD-1708.iso ISO file.
I tried both options, and they both worked. I was able to install the OS as expected. The system continued to boot as normal.
So what is "Secure Boot" anyways? Microsoft describes Secure Boot as a mechanism to ensure only trusted (non tampered with) components are used. In this case, it's validating that a trusted OS is booting. The trusts appear to be maintained by certificates managed by Microsoft. Only certain OSes are registered.
More information can be found here:
Generation 2 virtual machine security settings for Hyper-V
There's a really good multi-part series of articles by John Howard. Part 6 focuses on Secure Boot. https://blogs.technet.microsoft.com/jhoward/2013/11/01/hyper-v-generation-2-virtual-machines-part-6/