diff --git a/rules/config b/rules/config
index c3a58f96d141..c381372c1d2b 100644
--- a/rules/config
+++ b/rules/config
@@ -226,8 +226,8 @@ SONIC_ENABLE_SECUREBOOT_SIGNATURE ?= n
 # SECURE_UPGRADE_DEV_SIGNING_CERT - path to development signing certificate, used for image signing during build
 # SECURE_UPGRADE_MODE - enum value for secure upgrade mode, valid options are "dev", "prod" and "no_sign"
 # SECURE_UPGRADE_PROD_SIGNING_TOOL - path to a vendor signing tool for production flow.
-SECURE_UPGRADE_DEV_SIGNING_KEY = /sonic/your/private/key/path/private_key.pem
-SECURE_UPGRADE_DEV_SIGNING_CERT =  /sonic/your/certificate/path/cert.pem
+SECURE_UPGRADE_DEV_SIGNING_KEY ?= 
+SECURE_UPGRADE_DEV_SIGNING_CERT ?= 
 SECURE_UPGRADE_MODE = "no_sign"
 SECURE_UPGRADE_PROD_SIGNING_TOOL ?=
 # PACKAGE_URL_PREFIX - the package url prefix