Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Home NTFSD
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


Starting mini-filter service results in "A certificate was explicitly revoked by its issuer."

Arunkalai711Arunkalai711 Member Posts: 2

Hi,
I'm new to this community. I need some help.

I've created the mini-filter and got the sign from Microsoft through hardware portal [As per in this link].

But now there is a problem. Whenever I try to start the service it results in the error "A certificate was explicitly revoked by its issuer." with the error code "2148204812". Please help me out to fix this issue.

If you need any information, kindly revert back to me.

Thanks in advance.

Comments

  • rod_widdowsonrod_widdowson Member - All Emails Posts: 1,131

    To state the obvious:
    Sounds to me like you are signing with a certificate which was signed by a certificate which has been revoked. Ask your certificate vendor, since it seems unlikely that the MS cross signing cert has been revoked (or we would have heard)

    What happens when you right click on the signing cert? Does it tell you anything? Do you have OpenSSL to hand? if so you could dump the certificate and research the signing certificates

  • Arunkalai711Arunkalai711 Member Posts: 2

    @rod_widdowson Thanks for your response.

    What happens when you right click on the signing cert? Does it tell you anything?

    No. When I right-click and go to Digital Signatures, I had both my company signature and Microsoft Windows Hardware Comp. Publisher signature.

    Do you have OpenSSL to hand? if so you could dump the certificate and research the signing certificates

    Can you explain in brief? Because I can't understand.

  • rod_widdowsonrod_widdowson Member - All Emails Posts: 1,131

    ??I had both my company signature and Microsoft Windows Hardware Comp. Publisher signature.??
    And no red flags about invalidity?

    OpenSSL is an open source product (one which pretty much holds the internet together). Amongst the things it can do is poke at various formats and describe in text the contents of various security formats (X509, PKCS* and so on). Most of my experience in the PKI/signing/encryption space is based on these tools rather than the Microsoft stuff so that's where I'd start looking. If you don't know of OpenSSL I'd not bother trying to swap it in - Windows must have similar tools, you'll need to wait for the US to wake up and someone will be able to point you where to go next - it is not beyond the bounds of possibility that the error is a red-herring and that it has nothing to do with certificate chains.

    If you go into the windows certificate store (its under MMC, load plugin "Certificates"), you might see a revoked key which is in the chain of the singers of your cert. Don't forget to do this on the machine you are testing on. But like I say I have (thankfully) not had to to try to swap in the Microsoft spin in key management.

  • DamodarDamodar Member Posts: 1
    edited August 2019

    I am running into the same ("A certificate was explicitly revoked by its issuer.") issue. Let us know if anyone has got further in solving this.

  • hnahkcadhnahkcad Member Posts: 3

    @Damodar said:
    I am running into the same ("A certificate was explicitly revoked by its issuer.") issue. Let us know if anyone has got further in solving this.

    me too :(
    I use DigiCert EV Code Signing CA (SHA2) and got the sign successed from Microsoft through hardware portal.
    But Install driver same error "A certificate was explicitly revoked by its issuer"

  • Peter_Viscarola_(OSR)Peter_Viscarola_(OSR) Administrator Posts: 7,886

    You know you’re replying to a thread that’s almost a year old, right?

    And THAT reply was to a reply almost a year old.

    Not likely to be that much help, given this pattern. If you have an issue, start a proper, new, discussion.

    Peter

    Peter Viscarola
    OSR
    @OSRDrivers

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 30 Mar 2020 OSR Seminar Space
Developing Minifilters 15 Jun 2020 LIVE ONLINE
Writing WDF Drivers 22 June 2020 LIVE ONLINE
Internals & Software Drivers 28 Sept 2020 Dulles, VA