Certify a driver with a unique hardware ID

I have been thrown into this project but I am not a developer. The more research I do, the less I understand the steps needed.

We use an FTDI serial to USB driver. Due to hardware conflicts, we asked FTDI to assign us our own hardware ID, which they did. The driver was signed and certified. This was done 10 years ago. Another technician took care of the entire process and he is no longer with the company. It seems Windows is taking more steps to block the driver because it's out of date. Customers have been disabling Windows security options like memory integrity or the driver block list but are now starting to hit more roadblocks.

I don't have to reinvent the wheel, so to speak. All that I needed to do was to edit some of FTDI's existing ini files and set our hardware ID. In my searching around, I found steps to run my modified driver using DUA with Microsoft's HLK. I installed HLK on a Windows 11 VM and ran the process. The VM did not have a certificate in the store and it's not signed into any Microsoft account, so the driver it output is not signed. This was basically just a test to see if it would actually run all the way through. I went so far as to install this modified unsigned driver on an old Windows 7 VM. I just clicked the "Do this anyway" prompts. It worked as expected.

It looks like a lot has changed since the initial certification. I know I need to create a developer account with a hardware dashboard and I also need an EV code signing certificate.

My questions
Do I need an EV code signing certificate first or do I create the developer account and purchase a certificate through there using one of Microsoft's recommended certificate authorities?

My company was purchased by another company but we still use our name. It's in the context of "DBA". How will that affect my steps acquiring an EV certificate or in creating a Microsoft developer account? Can I still use our company name or do I need to use the parent company name?

I'm more than a bit lost so any help is appreciated.

I think the steps mentioned here will be useful, just check it once: https://signmycode.com/resources/how-to-sign-drivers-through-windows-hlk

No, that's not particularly useful. It starts out assuming that you already have a Microsoft Dashboard Account. That's clearly the part that causes the most trouble, and it's not addressed at all.

I haven't seen many replies so I guess I'll try possibly a few specific questions at a time.
Step 1. I know I need to get an EV code signing certificate.

Do I have to use specific Microsoft approved certificate authorities?

Do I pay for the EV cert first, then if something happens during the vetting process, do I have to start over and buy another certificate?

If my EV certificate expires in 3 or 5 years, does my driver get put on the recently added "Driver block list" even though there haven't been any changes?

Unclear, but as all the vendors are approximately equally awful, why not use an approved vendor?

  1. Yes.
  2. Maybe. However, if, for example, the issue is the precise org name on the cert vs the precise org name for your dashboard account, the cert can be fixed by your vendor.

No. Signing is good forever. The block list is based on other properties.

As an aside, search here for all the issues people are having with actually getting a dashboard account.

They tightened the rules on EV certificates. Our certificate is in our parent company's name.

You may need a senior (engineering of software) manager (registered with Dun and Bradstreet or Zoom Info) to have a brief phone call with the EV provider.

I have some experience at doing this however I am still dreading renewing next year.

We use FTDI serial to USB cables on a number of products. There are FTDI cables with non-volatile memory, that we use, and we write our own ID strings to this memory to resolve hardware conflicts.

Thanks for the replies! I knew there would be stuff that came up due to getting acquired. As long as they will work with us rather than take our money. Now I feel better about moving forward. This company has never done anything like this so it will be a learning experience for all.

Yeah I am dreading the Developer account with hardware dashboard creation.
To make matters worse, when I log into my Microsoft account with my company, it's managed by its parent company so yet a third business name in the mix.

It looks like the Dev account for a company in the US is 99.00. Is there an additional fee for the hardware dashboard?