What does the error mesg: "Not digitally signed or not signed in the appropriate manner" mean?

Praveen_Kumar_Amritaluru · August 31, 2006, 9:08am

Hi,

I changed the name of inf file to follow 8.3 name convention + seperate inf
files for 32/64 bit.
On changing the name I get the error mesg:

“The driver cannot be installed because it is either not digitally signed or
not signed in the
appropriate manner”.

Any idea what could be the reason.
I dont see any difference in the contents of the inf file. Its just the inf
file name change.

Thanks,
-Praveen

OSR_Community_User · August 31, 2006, 10:25am

Drivers are signed in a catalog file (name listed in the INF file). It contains

(1) the name of each file in your driver package
(2) a checksum of said file
(3) a certificate identifying the software publisher who is vouching for the package

The package is properly signed if the publisher is trusted, the INF and all files it lists are listed in the catalog, and all of the files match the checksums listed in the catalog. I’m going to leave trust issues out of the discussion, though …

When you renamed your INF file, it no longer matched the one in the catalog, invalidating the package.

Basically, once the driver package is signed, changing any part of it causes it to be unsigned (in part because this is an anti-tampering technology).

BTW, there is no requirement to make an INF name 8.3 that I am aware of.

Praveen_Kumar_Amritaluru · August 31, 2006, 11:24am

As of now, I am not specifying catalog file in the old as well as new inf
file.
Still it fails.

Probably we have been asked to make it 8.3 to be on safer side to avoid that
exercise
at a later point of time.

Regds,
-Praveen

xxxxx@microsoft.com> wrote in message news:xxxxx@ntdev…

Drivers are signed in a catalog file (name listed in the INF file). It
contains

(1) the name of each file in your driver package
(2) a checksum of said file
(3) a certificate identifying the software publisher who is vouching for
the package

The package is properly signed if the publisher is trusted, the INF and
all files it lists are listed in the catalog, and all of the files match
the checksums listed in the catalog. I’m going to leave trust issues out
of the discussion, though …
>
> When you renamed your INF file, it no longer matched the one in the
> catalog, invalidating the package.
>
> Basically, once the driver package is signed, changing any part of it
> causes it to be unsigned (in part because this is an anti-tampering
> technology).
>
> BTW, there is no requirement to make an INF name 8.3 that I am aware of.
>

OSR_Community_User · August 31, 2006, 11:49am

If there is no catalog listed in the INF, then the driver is by definition unsigned and untrusted.

Has someone changed the policy settings on your test machine for installing unsigned drivers?