Comment 11 for bug 1899678

I think the second part (apt install not showing the prompt on next boot) is fixed with shim-signed 1.45 as indicated by Andy in comment #8.

But I'm not quite sure about your initial part where the installer didn't do the same. I can make that happen if I tick to install proprietary drivers and then untick "Configure secure boot". But that's to be expected. If I tick both and fill in a passphrase, then it works correctly and I'm prompted to enroll the key after completing the installation and rebooting.