Our x86_64 machine under development is using SLES (11sp3 and will use 12 once it's released).
The system is with UEFI Secure boot.

From SUSE Doc: Administration Guide, I learned
SUSE starts with shima small and simple EFI boot loaderwhich was originally developed by Fedora. It is signed by a certificate signed by the SUSE KEK and a Microsoft-issued certificate, based on which KEKs are available in the UEFI key database on the system.

We want to enroll SLES bootloader shim's certificate into our firmware key database so that SLES installation/booting can run with secure boot enabled.
Where can I find SUSE shim's certificate?