diff --git a/meta-lmp-base/recipes-bsp/efitools/efitools.inc b/meta-lmp-base/recipes-bsp/efitools/efitools.inc
index 587ebac5c..26dafc66a 100644
--- a/meta-lmp-base/recipes-bsp/efitools/efitools.inc
+++ b/meta-lmp-base/recipes-bsp/efitools/efitools.inc
@@ -58,4 +58,18 @@ do_install() {
     oe_runmake install DESTDIR='${D}${base_prefix}'
 }
 
+do_install:append:class-target() {
+    if ! sbsign --key ${UEFI_SIGN_KEYDIR}/DB.key \
+                --cert ${UEFI_SIGN_KEYDIR}/DB.crt \
+                --output ${D}${datadir}/efitools/efi/UnLock-signed.efi \
+                ${D}${datadir}/efitools/efi/UnLock.efi; then
+        bbfatal "Failed to sign UnLock.efi"
+    fi
+
+    if ! sbverify --cert ${UEFI_SIGN_KEYDIR}/DB.crt \
+                   ${D}${datadir}/efitools/efi/UnLock-signed.efi; then
+        bbfatal "Failed to verify UnLock-signed.efi"
+    fi
+}
+
 SSTATE_ALLOW_OVERLAP_FILES += "${DEPLOY_DIR_IMAGE}/LockDown.efi ${DEPLOY_DIR_IMAGE}/UnLock-signed.efi"
diff --git a/meta-lmp-base/recipes-bsp/efitools/efitools_git.bb b/meta-lmp-base/recipes-bsp/efitools/efitools_git.bb
index d0d042e54..8eb5af1c8 100644
--- a/meta-lmp-base/recipes-bsp/efitools/efitools_git.bb
+++ b/meta-lmp-base/recipes-bsp/efitools/efitools_git.bb
@@ -55,19 +55,6 @@ do_deploy() {
     install -d ${DEPLOYDIR}
     install -m 0600 ${D}${datadir}/efitools/efi/LockDown.efi ${DEPLOYDIR}
     install -m 0600 ${WORKDIR}/lockdown.conf ${DEPLOYDIR}
-
-    if ! sbsign --key ${UEFI_SIGN_KEYDIR}/DB.key \
-                --cert ${UEFI_SIGN_KEYDIR}/DB.crt \
-		--output ${D}${datadir}/efitools/efi/UnLock-signed.efi \
-		${D}${datadir}/efitools/efi/UnLock.efi; then
-        bbfatal "Failed to sign UnLock.efi"
-    fi
-
-    if ! sbverify --cert ${UEFI_SIGN_KEYDIR}/DB.crt \
-                   ${D}${datadir}/efitools/efi/UnLock-signed.efi; then
-        bbfatal "Failed to verify UnLock-signed.efi"
-    fi
-
     install -m 0600 ${D}${datadir}/efitools/efi/UnLock-signed.efi ${DEPLOYDIR}
     install -m 0600 ${WORKDIR}/unlock.conf ${DEPLOYDIR}
 }