Hello,
Is there any way I can create a security certificate? Or will I have to buy some commercial CA?
Thanks
ps: I know this isn’t the best place to ask this question, but I’m a bit desperate here.
For internal testing you can create your own test cert. For
distribution you need a commmercial cert.
Mark Roddy
On Fri, Apr 8, 2011 at 3:49 PM, wrote:
> Hello,
>
> Is there any way I can create a security certificate? Or will I have to buy some commercial CA?
>
> Thanks
>
>
> ps: I know this isn’t the best place to ask this question, but I’m a bit desperate here.
>
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
>
xxxxx@gmail.com wrote:
Is there any way I can create a security certificate? Or will I have to buy some commercial CA?
Well, that’s not really the question you need to ask. What do intend to
DO with the security certificate?
Of course you can create your own security certificate. That’s called a
“self-signed” certificate. There are instructions on many web pages on
how to do that. You can even sign your drivers and driver packages with
that certificate. The question is, will Windows accept them?
If you turn on test signing, Windows will accept your certificate when
you install your driver. Further, if you install your certificate as a
“trusted publisher”, KMCS will even allow your driver to load in 64
bits. But, of course, you cannot expect your customers to do either of
those things.
If you expect to release drivers to the real world, you need to go to
one of the approved certificate authorities (basically either Verisign
or GlobalSign) and buy a class 3 code-signing certificate.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
I think a “self-signed” certificate is enough, because the driver will only be used inside of my infrastructure. So I will try to find some internet guide for doing this.
Many Thanks…
With a self-signed certificate Can I only boot in Test Mode?
,
Thiago Fabre
On Fri, Apr 8, 2011 at 5:45 PM, wrote:
> I think a “self-signed” certificate is enough, because the driver will only
> be used inside of my infrastructure. So I will try to find some internet
> guide for doing this.
>
> Many Thanks…
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
If your infrastructure is a domain, I think you can probably sign with your domain sertificate.
Driver signed with “self-signed” certificate will only be loaded in Test mode.
You can boot normal mode but then driver will not be loaded.
Note: you have to have “self-signed” certificate in “Trusted root”
Thanks,
–rc
On Fri, Apr 8, 2011 at 4:42 PM, Thiago Fabre wrote:
> With a self-signed certificate Can I only boot in Test Mode?
>
> ,
> Thiago Fabre
>
> On Fri, Apr 8, 2011 at 5:45 PM, wrote:
>>
>> I think a “self-signed” certificate is enough, because the driver will
>> only be used inside of my infrastructure. So I will try to find some
>> internet guide for doing this.
>>
>> Many Thanks…
>>
>> —
>> NTDEV is sponsored by OSR
>>
>> For our schedule of WDF, WDM, debugging and other seminars visit:
>> http://www.osr.com/seminars
>>
>> To unsubscribe, visit the List Server section of OSR Online at
>> http://www.osronline.com/page.cfm?name=ListServer
>
> — NTDEV is sponsored by OSR For our schedule of WDF, WDM, debugging and
> other seminars visit: http://www.osr.com/seminars To unsubscribe, visit the
> List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer