7

Every single piece of information I run across says that in order to dual boot, I need to disable secure boot. This is confusing because according to this article, Ubuntu should work with secure boot. This wasn't the case for me. I had to disable it just to get grub showing.

At one point in time yesterday and today I decided to experiment with bcdedit to see if I could get Windows boot manager to handle the dual boot process instead and keep secure boot intact. That was a no go either.

So is it possible to dual boot Linux and Windows 10 with secure boot enabled?

edgarej
  • 99

1 Answer

6

Yes, it should be possible to boot both Linux and Windows 10 with secure boot enabled. However, this will be dependent on your machine's firmware and configuration.

You'll need to ensure that the signing key for both of the operating systems is present in the UEFI key database (specifically, the db key database).

The Ubuntu shim binary (the first thing loaded by your machine's firmware) is signed with the following key chain:

image signature issuers:
 - /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation UEFI CA 2011
image signature certificates:
 - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=MOPR/CN=Microsoft Windows UEFI Driver Publisher
   issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation UEFI CA 2011
 - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation UEFI CA 2011
   issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation Third Party Marketplace Root

- so you'll need to ensure that at least one of those is present in db.

Then, the shim will load GRUB, verifying the grub binary's signature against the one in the MOK key database. You can inspect this one with mokutil. This is the signature chain for the grub binary on my machine:

image signature issuers:
 - /C=GB/ST=Isle of Man/L=Douglas/O=Canonical Ltd./CN=Canonical Ltd. Master Certificate Authority
image signature certificates:
 - subject: /C=GB/ST=Isle of Man/O=Canonical Ltd./OU=Secure Boot/CN=Canonical Ltd. Secure Boot Signing
   issuer:  /C=GB/ST=Isle of Man/L=Douglas/O=Canonical Ltd./CN=Canonical Ltd. Master Certificate Authority

Other than that though, see if you can find any error messages or error logs from the failing boot process. They may point you in a more specific direction for debugging.

Jeremy Kerr
  • 27,199
  • Jeremy Kerr, what were your installation steps with secure boot enabled? Every time I boot with secure boot enabled, it would spit out an error "secure boot failed, operating system is invalid." – edgarej Feb 07 '17 at 13:13
  • 1
    I just installed Ubuntu and enabled secure boot in the firmware configuration UI. However, it's highly likely that your system firmware is in a different configuration to mine, possibly including having different secure boot certificates present. – Jeremy Kerr Feb 07 '17 at 13:15
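
The two checks described in the answer (shim's chain against db, GRUB's chain against the MOK list) can be scripted. The following is an added example, not part of the original answer: the function names, the constructed key-database samples, the assumed `mokutil` output layout and the shim path in the last comment are all assumptions.

```shell
#!/bin/sh
# Added example (not from the original answer). Matching is by certificate CN,
# a quick heuristic; compare certificate fingerprints for a definitive answer.

# CNs of every issuer/subject in `sbverify --list` output (stdin).
chain_cns() { sed -n 's|^.*/CN=\([^/]*\).*$|\1|p' | sort -u; }

# CNs of the Subject lines in `mokutil --db` / `mokutil --list-enrolled` output
# (stdin). The "Subject: ..., CN=..." layout is an assumption about that output.
db_cns() { sed -n 's|^ *Subject:.*CN *= *\([^,/]*\).*$|\1|p' | sort -u; }

# $1 = sbverify text, $2 = key database text. Prints the chain CNs that are in
# the database; exit status is 0 only if at least one is found.
chain_in_db() {
    db=$(printf '%s\n' "$2" | db_cns)
    printf '%s\n' "$1" | chain_cns | while IFS= read -r cn; do
        printf '%s\n' "$db" | grep -Fxq -- "$cn" && printf '%s\n' "$cn"
    done | grep .
}

# Signature chains copied from the answer above.
SHIM_CHAIN=' - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=MOPR/CN=Microsoft Windows UEFI Driver Publisher
   issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation UEFI CA 2011
 - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation UEFI CA 2011
   issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation Third Party Marketplace Root'
GRUB_CHAIN=' - subject: /C=GB/ST=Isle of Man/O=Canonical Ltd./OU=Secure Boot/CN=Canonical Ltd. Secure Boot Signing
   issuer:  /C=GB/ST=Isle of Man/L=Douglas/O=Canonical Ltd./CN=Canonical Ltd. Master Certificate Authority'

# Constructed key-database listings (not captured from a real machine).
SAMPLE_DB='        Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Production PCA 2011
        Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Corporation UEFI CA 2011'
SAMPLE_MOK='        Subject: C=GB, ST=Isle of Man, L=Douglas, O=Canonical Ltd., CN=Canonical Ltd. Master Certificate Authority'

# On a real system (shim path is an assumption):
#   chain_in_db "$(sbverify --list /boot/efi/EFI/ubuntu/shimx64.efi)" "$(mokutil --db)"
```

With the constructed samples, shim's chain matches db through the Microsoft UEFI CA while GRUB's chain matches only the MOK sample, which mirrors the two verification stages the answer describes.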