Hello everyone!
I have a strange problem that is somehow connected to WinGbg so I thought to post here about it.
We test a driver on a virtual machine with Win 7 x64 and VMware Workstation.
When WinDbg is started and rests on a COM port pipe, the driver installs smoothly on the virtual machine.
But when I try to install a signed driver on the virtual machine without WinDbg running and attached, I get this error: http://screencast.com/t/IYd3ezTCnww
It reads as Windows is unable to verify a digital signature of the driver.
But I have signed the driver with a DigiCert valid certificate and their utility and the process has completed correctly. But after the installation, the icon marked with yellow exclamation mark appears on a driver item in the Device Manager and the device properties read as the driver is unproperly signed - error 52.
We do every operation on Windows 7 x64 Service Pack 1: http://screencast.com/t/2HVY7gZYHQs0
- We build the driver project using WDK 7600.16385.1: http://screencast.com/t/22VpFGWr4gh
Here is the screencast video: http://screencast.com/t/gCukl8j4oQ1
-
We add “WdfCoInstaller01009.dll” to our output.
-
We sign a driver binary UemPcSc.sys using DigiCert tool
-
We create .cat file by issuing this command: “inf2cat /driver:D:_Projects\WinXPBusTest\uempcsc\objchk_win7_amd64\amd64 /OS:7_x64”
The screencast video: http://screencast.com/t/NMIkQ4dneY
-
We sign the catalog file uempcsc.cat using the same tool
-
We install the driver using Device Manager, but it doesn’t start, showing error code 52 in the end: http://screencast.com/t/gucwd6Jab
The video: http://screencast.com/t/90LHyCUQ4i
I’ve tried to figure out this situation with error code 52 using some Internet articles: http://www.davidegrayson.com/signing/
But they don’t provide any possible clues…
We’ve installed all updates available from the Windows Update.
Still the problem persists.
See below the setup log extract - you can see the problem places there marked as exclamation marks to the left:
sig: Catalog = C:\Windows\System32\DriverStore\FileRepository\uempcsc.inf_amd64_neutral_cfa4a2cff7dabe40\uempcsc.cat
! sig: Verifying file against specific (valid) catalog failed! (0x800b0109)
! sig: Error 0x800b0109: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
…
! sig: VerifyTrustFailed for C:\Windows\system32\DRIVERS\uempcsc.sys.
! sig: Error 0x800b0109: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
…
!!! dvi: Device not started: Device has problem: 0x34: CM_PROB_UNSIGNED_DRIVER.
So I don’t know how might I correct “A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider”.
When I check the signed SYS’s properties, it looks fine and valid: http://screencast.com/t/T2KKAlgpZ
I’ve tried several ways:
- rebuild .sys, Generate inf, recopy WdfCoInstaller dll, generate .cat, sign .sys, .dll, .cat
- rebuild .sys, Generate inf, recopy WdfCoInstaller dll, generate .cat, sign .sys, .cat
- rebuild .sys, Generate inf, recopy WdfCoInstaller dll, generate .cat, sign .cat
- rebuild .sys, Generate inf, recopy WdfCoInstaller dll, sign .sys, .dll, generate .cat, sign .cat
- rebuild .sys, Generate inf, recopy WdfCoInstaller dll, sign .sys, generate .cat, sign .cat
I’ve used inf2cat tool 2.6.0.0 from WinDDK 7600.16385.1 and inf2cat tool 3.2.0.0 from WDK 8.1
I tried to add timestamp and not.
With no luck: upon checking .sys or .cat (see the setud.dev.log extract above) the setup fails with error 52.
This is a VERY odd error, I simply can’t figure out how can WinDbg influence the driver installation process in such a way. Why everything installs smoothly if it’s running and connected to the virtual machine.
Please help - maybe someone has had similar problem or knows some WinDbg features that might somehow affect the driver…