diff --git a/tests/p_kernel/01_kernel_centos_keyring.sh b/tests/p_kernel/01_kernel_centos_keyring.sh
new file mode 100755
index 0000000..533c238
--- /dev/null
+++ b/tests/p_kernel/01_kernel_centos_keyring.sh
@@ -0,0 +1,18 @@
+#!/bin/sh
+# Author: Athmane Madjoudj <athmanem@gmail.com>
+# Note: This was a known issue with CentOS 6.0 GA kernel
+
+t_Log "Running $0 -  check CentOS' Kernel Module GPG key."
+
+if [ "$centos_ver" = "7" ] ; then
+  for id in kpatch "Driver update" kernel
+  do
+    t_Log "Verifying x.509 CentOS ${id}"
+    keyctl list %:.system_keyring | grep -i "CentOS Linux ${id} signing key" > /dev/null 2>&1
+    t_CheckExitStatus $?
+  done
+else
+  grep 'User ID: CentOS (Kernel Module GPG key)' /var/log/dmesg > /dev/null 2>&1
+  t_CheckExitStatus $?
+fi
+
diff --git a/tests/p_kernel/02_kernel_secureboot_signed.sh b/tests/p_kernel/02_kernel_secureboot_signed.sh
new file mode 100755
index 0000000..ec236aa
--- /dev/null
+++ b/tests/p_kernel/02_kernel_secureboot_signed.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+# This test will verify that grub2-efi is correctly signed with correct cert in the CA chain
+
+t_Log "Running $0 -  Verifying that kernel is correctly signed with correct cert"
+
+if [ "$centos_ver" = "7" ] ; then
+  t_InstallPackage pesign 
+  for kernel in $(rpm -q kernel --queryformat '%{version}-%{release}.%{arch}\n') 
+    do
+    t_log "Validating kernel $kernel ..."
+    pesign --show-signature --in /boot/vmlinuz-${kernel}|grep -q 'Red Hat Inc.'
+    t_CheckExitStatus $?
+  done
+else
+  t_log "previous versions than CentOS 7 aren't using secureboot ... skipping"
+  exit 0
+fi
+
diff --git a/tests/p_kernel/kernel_centos_keyring.sh b/tests/p_kernel/kernel_centos_keyring.sh
deleted file mode 100755
index 533c238..0000000
--- a/tests/p_kernel/kernel_centos_keyring.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-# Author: Athmane Madjoudj <athmanem@gmail.com>
-# Note: This was a known issue with CentOS 6.0 GA kernel
-
-t_Log "Running $0 -  check CentOS' Kernel Module GPG key."
-
-if [ "$centos_ver" = "7" ] ; then
-  for id in kpatch "Driver update" kernel
-  do
-    t_Log "Verifying x.509 CentOS ${id}"
-    keyctl list %:.system_keyring | grep -i "CentOS Linux ${id} signing key" > /dev/null 2>&1
-    t_CheckExitStatus $?
-  done
-else
-  grep 'User ID: CentOS (Kernel Module GPG key)' /var/log/dmesg > /dev/null 2>&1
-  t_CheckExitStatus $?
-fi
-