Driver Signing procedure

I need to sign my KMDF driver on Visual Studio. I have bought a EV Certificate from Sectigo. What is the right way to import it on Visual Studio 2017?

I need to sign my KMDF driver on Visual Studio. I have bought a EV Certificate from Sectigo. What is the right way to import it on Visual Studio 2017?

Since Visual Studio 2017 does not support double signing (I think) you may want to use the SignTool utility from the WDK (to attach sha1 and sha256 signature). Otherwise, your driver might not work on older versions of Windows (well, they probably are out of support now).

I cannot elaborate on the Attestation signing process since I own only an OV certificate (which is good enough if you do not intend to support machines with Secure Boot enabled). There should be, however, plenty of topics related to driver signing, so the Search bar is your friend.

Same as above, I don’t know if you can “import” the cert into VS. You could probably write a post build event to automate the process though. Here are some pointers:

1.) You should have safenet installed

2.) First step: sign the binary. Your ccert (if in the form of a USB key) should be plugged in. cmd:
signtool sign /v /sha1 <the sha1 of your cert> /t http://timestamp.digicert.com <your binary>.sys
safenet should open and promt for your password

3.) Run inf2cat. cmd:
inf2cat" /driver:_<directory containing your binary and inf>_ /os:10_X64,6_3_X64

4.) Sign the cat. cmd:
signtool sign /v /sha1 <sha1 of your cert> /t http://timestamp.digicert.com <your binary>_cat

At this point you should either submit for attestation signing OR rung HLK then submit for signing. Searching on the commands above should easily lead to further documentation. Hope this helps!