Our x86_64 machine under development is using SLES (11sp3 and will use 12 once it's released).
The system is with UEFI Secure boot.

From SUSE Doc: Administration Guide, I learned
SUSE starts with shim—a small and simple EFI boot loader—which was originally developed by Fedora. It is signed by a certificate signed by the SUSE KEK and a Microsoft-issued certificate, based on which KEKs are available in the UEFI key database on the system.

We want to enroll SLES bootloader shim's certificate into our firmware key database so that SLES installation/booting can run with secure boot enabled.
Where can I find SUSE shim's certificate?