I have a root-enumerated (non-PnP) KMDF driver that works as a monitor in conjunction with a 2nd USB driver for the client’s device. This pair has been running fine in Win7, and the client has asked me to migrate this to Win10 1607 for their next gen system, with the understanding of the signing requirements it entails. We have gone ahead and procured an EV cert from DigCert. I build the pair of driver packages with Test Cert under VS 2015 Update 3 / WDK 10.0.15063.0, enable Test Signing on original Win10 target, and all is well.
I then apply the EV cert for Production cert to both packages (disable Test Signing on target, of course), and looking at Setupapi.dev.log, both seem to install fine. However, only the USB driver LOADS, i.e. the noPnP driver never loads/runs. I have applied cross-signing cert, but that driver still does not load. *Installs, yes; loads/runs, no*
Since this is an embedded system that gets delivered to customers fully prepared, we are fine with the “do you trust components from this vendor” prompt for system prep.
FYI, we are applying cert to both .cat & .sys files.
So …
Do we need to take the additional step of submitting that EV-signed driver package to Dev Portal site to get MS blessing for nonPnP driver to load?
Or am I just plain missing something else here?
With all that I thought I knew about Windows device driver development, this one has me stumped. ;^(
Thanks,
MarkH