Re: Driver status digitally unsigned
- From: Mark Roddy <markr@xxxxxxxxxxxxxx>
- Date: Tue, 18 Apr 2006 07:45:03 -0400
On 17 Apr 2006 22:29:30 -0700, sriivii@xxxxxxxxxxx wrote:
Hello,
I have been using Verisign codesigning certificate to
digitally sign my catalog file (which digitally sign my driver file). I
was able to create a catalog file with "MakeCat" utility, was able to
sign the catalog file with "SignCode" and was able to verify the
catalog file's validity using "ChkTrust" tool.
But, after installing the driver, the driver's digital
signature property in the "Device Manager" still displays it to be
digitally unsigned.
When I tried analysing the setupapi.log, I noticed the
following statement:
" 0x800B0109 : A certificate chain processed, but terminated in a root
certificate which is not trusted by the trust provider. "
Note - When I try verifying the same catalog file using "Signtool", I
get the following error:
"SignTool Error: WinVerifyTrust returned error: 0x800B0110
The certificate is not valid for the requested usage."
Any clue ?
You are self signing your driver and that is only supported on
specific OS releases for specific classes of drivers and also requires
installation of certificates on the target system or access from the
target system to a certificate server in the domain.
Do some research on self signed drivers.
Thanks,
Srivi.
=====================
Mark Roddy DDK MVP
Windows Vista/2003/XP/2000 Consulting
Device and Filesystem Drivers
Hollis Technology Solutions 603-321-1032
www.hollistech.com
.
- Follow-Ups:
- Re: Driver status digitally unsigned
- From: sriivii
- Re: Driver status digitally unsigned
- References:
- Driver status digitally unsigned
- From: sriivii
- Driver status digitally unsigned
- Prev by Date: Re: using !devext
- Next by Date: Re: Sending a UDP packet using TDI at IRQL == DISPATCH_LEVEL
- Previous by thread: Driver status digitally unsigned
- Next by thread: Re: Driver status digitally unsigned
- Index(es):
Relevant Pages
|
