Tim,
Yes, did register the new certificate with the Microsoft Partner portal, and removed the old one so that the portal only showed the valid certificate. Thanks for the double-check.
I am including the SignTool command and verification output for both the pre and post portal process. If anyone sees something amiss, please say so, and many thanks!
Barry
======== Signing the catalog file before Microsoft Portal submission ========
Sign kit with this command - use with the new certificate from DigiCert for Microsoft changes for certificates
SignTool sign /v /tr http://timestamp.digicert.com ^
/td sha256 /fd sha256 ^
/ac DigiCert_High_Assurance_EV_Root_CA.crt ^
/sha1 044270294D3D56BC942163859C4180D074E67626 ^
AmNdis60.cat
C:\Users\VSISigning\Desktop\AM E32-1 driver and test submission 3 - no initial certificate\AM_E32-1_Driver_Package2\AM_E32_Driver_Package2> SignTool sign /v /tr http://timestamp.digicert.com
More? /td sha256 /fd sha256 ^
More? /ac DigiCert_High_Assurance_EV_Root_CA.crt ^
More? /sha1 044270294D3D56BC942163859C4180D074E67626 ^
More? AmNdis60.cat
The following certificate was selected:
Issued to: VMS Software, Inc.
Issued by: DigiCert EV Code Signing CA (SHA2)
Expires: Thu Apr 15 08:00:00 2021
SHA1 hash: 044270294D3D56BC942163859C4180D074E67626
Cross certificate chain (using machine store):
Issued to: Microsoft Code Verification Root
Issued by: Microsoft Code Verification Root
Expires: Sat Nov 01 09:54:03 2025
SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3
Issued to: DigiCert High Assurance EV Root CA
Issued by: Microsoft Code Verification Root
Expires: Thu Apr 15 15:55:33 2021
SHA1 hash: 2F2513AF3992DB0A3F79709FF8143B3F7BD2D143
Issued to: DigiCert EV Code Signing CA (SHA2)
Issued by: DigiCert High Assurance EV Root CA
Expires: Sun Apr 18 08:00:00 2027
SHA1 hash: 60EE3FC53D4BDFD1697AE5BEAE1CAB1C0F3AD4E3
Issued to: VMS Software, Inc.
Issued by: DigiCert EV Code Signing CA (SHA2)
Expires: Thu Apr 15 08:00:00 2021
SHA1 hash: 044270294D3D56BC942163859C4180D074E67626
Done Adding Additional Store
Successfully signed: amndis60.cat
Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
C:\Users\VSISigning\Desktop\AM E32-1 driver and test submission 3 - no initial certificate\AM_E32-1_Driver_Package3_Signed_CAT\AM_E32_Driver_Package2>SignTool verify /v /pa AmNdis60.cat
Verifying: amndis60.cat
Signature Index: 0 (Primary Signature)
Hash of file (sha256): D50C4EBC2382F1CAA125CA86FA14402E767264CA130E11E47C5E0CBA1B55A839
Signing Certificate Chain:
Issued to: DigiCert High Assurance EV Root CA
Issued by: DigiCert High Assurance EV Root CA
Expires: Sun Nov 09 20:00:00 2031
SHA1 hash: 5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25
Issued to: DigiCert EV Code Signing CA (SHA2)
Issued by: DigiCert High Assurance EV Root CA
Expires: Sun Apr 18 08:00:00 2027
SHA1 hash: 60EE3FC53D4BDFD1697AE5BEAE1CAB1C0F3AD4E3
Issued to: VMS Software, Inc.
Issued by: DigiCert EV Code Signing CA (SHA2)
Expires: Thu Apr 15 08:00:00 2021
SHA1 hash: 044270294D3D56BC942163859C4180D074E67626
The signature is timestamped: Thu Aug 06 18:23:03 2020
Timestamp Verified by:
Issued to: DigiCert Assured ID Root CA
Issued by: DigiCert Assured ID Root CA
Expires: Sun Nov 09 20:00:00 2031
SHA1 hash: 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Issued to: DigiCert SHA2 Assured ID Timestamping CA
Issued by: DigiCert Assured ID Root CA
Expires: Tue Jan 07 08:00:00 2031
SHA1 hash: 3BA63A6E4841355772DEBEF9CDCF4D5AF353A297
Issued to: TIMESTAMP-SHA256-2019-10-15
Issued by: DigiCert SHA2 Assured ID Timestamping CA
Expires: Wed Oct 16 20:00:00 2030
SHA1 hash: 0325BD505EDA96302DC22F4FA01E4C28BE2834C5
Successfully verified: amndis60.cat
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
======= Driver file signatures after Microsoft Portal submission =======
C:\Users\VSISigning\Desktop\AM E32-1 driver and test submission 3 - no initial certificate\Signed_1152921505690983398\drivers\7de375ef-c700-4aa6-b8b5-79daca58e9b2>SignTool verify /v /pa AmNdis60.sys
Verifying: AmNdis60.sys
Signature Index: 0 (Primary Signature)
Hash of file (sha256): FA29D8CD0C2F1F59367E5FF66DC1AD9C92333540436F2C1690BD0ED5C51C9035
Signing Certificate Chain:
Issued to: Microsoft Root Certificate Authority 2010
Issued by: Microsoft Root Certificate Authority 2010
Expires: Sat Jun 23 18:04:01 2035
SHA1 hash: 3B1EFD3A66EA28B16697394703A72CA340A05BD5
Issued to: Microsoft Windows PCA 2010
Issued by: Microsoft Root Certificate Authority 2010
Expires: Sun Jul 06 16:50:23 2025
SHA1 hash: C01386A907496404F276C3C1853ABF4A5274AF88
Issued to: Microsoft Windows Hardware Compatibility Publisher
Issued by: Microsoft Windows PCA 2010
Expires: Sun Jan 31 15:16:16 2021
SHA1 hash: F8CB95569B64E7395CA7FA910449D82870C63F3E
The signature is timestamped: Thu Aug 06 21:21:31 2020
Timestamp Verified by:
Issued to: Microsoft Root Certificate Authority 2010
Issued by: Microsoft Root Certificate Authority 2010
Expires: Sat Jun 23 18:04:01 2035
SHA1 hash: 3B1EFD3A66EA28B16697394703A72CA340A05BD5
Issued to: Microsoft Time-Stamp PCA 2010
Issued by: Microsoft Root Certificate Authority 2010
Expires: Tue Jul 01 17:46:55 2025
SHA1 hash: 2AA752FE64C49ABE82913C463529CF10FF2F04EE
Issued to: Microsoft Time-Stamp Service
Issued by: Microsoft Time-Stamp PCA 2010
Expires: Tue Mar 16 21:15:00 2021
SHA1 hash: 313D4B1BF280123D17B222FD9FB9B1997D5A7D9B
Successfully verified: AmNdis60.sys
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
C:\Users\VSISigning\Desktop\AM E32-1 driver and test submission 3 - no initial certificate\Signed_1152921505690983398\drivers\7de375ef-c700-4aa6-b8b5-79daca58e9b2>SignTool verify /v /pa /c AmNdis60.ca
t AmNdis60.sys
Verifying: AmNdis60.sys
File is signed in catalog: C:\Users\VSISigning\Desktop\AM E32-1 driver and test submission 3 - no initial certificate\Signed_1152921505690983398\drivers\7de375ef-c700-4aa6-b8b5-79daca58e9b2\amndis60.c
at
Hash of file (sha1): B06E8E335E8581A4BA0FC5755F30DA4C1E5E79D1
Signing Certificate Chain:
Issued to: Microsoft Root Certificate Authority 2010
Issued by: Microsoft Root Certificate Authority 2010
Expires: Sat Jun 23 18:04:01 2035
SHA1 hash: 3B1EFD3A66EA28B16697394703A72CA340A05BD5
Issued to: Microsoft Windows PCA 2010
Issued by: Microsoft Root Certificate Authority 2010
Expires: Sun Jul 06 16:50:23 2025
SHA1 hash: C01386A907496404F276C3C1853ABF4A5274AF88
Issued to: Microsoft Windows Hardware Compatibility Publisher
Issued by: Microsoft Windows PCA 2010
Expires: Sun Jan 31 15:16:16 2021
SHA1 hash: F8CB95569B64E7395CA7FA910449D82870C63F3E
The signature is timestamped: Thu Aug 06 21:21:29 2020
Timestamp Verified by:
Issued to: Microsoft Root Certificate Authority 2010
Issued by: Microsoft Root Certificate Authority 2010
Expires: Sat Jun 23 18:04:01 2035
SHA1 hash: 3B1EFD3A66EA28B16697394703A72CA340A05BD5
Issued to: Microsoft Time-Stamp PCA 2010
Issued by: Microsoft Root Certificate Authority 2010
Expires: Tue Jul 01 17:46:55 2025
SHA1 hash: 2AA752FE64C49ABE82913C463529CF10FF2F04EE
Issued to: Microsoft Time-Stamp Service
Issued by: Microsoft Time-Stamp PCA 2010
Expires: Tue Mar 16 21:15:00 2021
SHA1 hash: 313D4B1BF280123D17B222FD9FB9B1997D5A7D9B
Successfully verified: AmNdis60.sys
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0