This has come up before on NTDEV and other newsgroups, but the answers are
conflicting. I'm hoping for a more authoritative answer.
I have obtained an SPC from GlobalSign and am attempting to sign a KMDF
driver by following the MSFT "Kernel-Mode Code Signing Walkthrough", using
inf2cat and signtool exactly as specified in the example. All procedures
succeed, and I am able to "signtool verify" successfully.
Installation on the Target machine goes fine, but during installation there
is a popup dialog "Windows can't verify the publisher of this driver". And
looking at the Driver tab under Device Manager shows "Not digitally signed"
for the driver (as well as for each file under "Driver Details").
Curiously, even the WdfCoInstaller says it is Not Signed, although I would
have expected MSFT to sign the binary itself.
Some prior posts on NTDEV suggest that unless you go through Winqual and get
a signature from MSFT, then these messages will always popup. However,
other posts suggest that some people have managed to not get this particular
popup after signing drivers (or some claim a popup at least shows the
correct Publisher name, which I have not seen with my signed drivers)
So is there mistake in my signing process? Or is it always normal for Vista
64 to raise this dialog on even signed drivers, if they do not have a