A method for allowing a firmware update when a digital certificate for a firmware update image is expired includes initiating a firmware update of a computing device and determining, using a secure boot process, that a firmware update image has an expired digital certificate. The firmware update image is stored in nonvolatile memory accessible to a service processor and to a host processor of the computing device. The method includes determining that the firmware update image and an image of firmware with code of the secure boot process were digitally signed by a same entity and overriding the secure boot process to allow execution of the firmware update image in response to determining that the firmware update image and the image of the firmware with code of the secure boot process were digitally signed by a same entity.