Hello,
I have to write a device driver for a PCI card installed on a Windows
Server R2 machine.
I heard that under this OS, WDF device drivers must be certified.
Is it true ?
Till now I created WDF device drivers for Windows XP (SP2).
No certification was required.
Thanks,
Zvika.
This is really an NTDEV question. No you do not need to certify a
driver if you mean by certify passing WHQL. You do need to digitally
sign the x64 version of the driver.
Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
“Zvi Vered” wrote in message news:xxxxx@ntfsd:
> Hello,
>
> I have to write a device driver for a PCI card installed on a Windows
> Server R2 machine.
>
> I heard that under this OS, WDF device drivers must be certified.
>
> Is it true ?
>
> Till now I created WDF device drivers for Windows XP (SP2).
>
> No certification was required.
>
> Thanks,
> Zvika.
> I heard that under this OS, WDF device drivers must be certified.
There are 2 absolutely different requirements:
a) on on x64 Vista+ OSes, the kernel-mode binaries must be digitally signed, or they will not load.
Solution: your company should purchase Verisign or Globalsign code signing cert with KMCS support, then you should study the signing procedure (google for KMCS) and do this, probably as a part of the build process.
b) since w2k up, drivers installed by INF files must have the whole driver package signed by the WinQual team in Redmond, or they will show nasty dialogs on install.
You can avoid to sign the package at all, this will make the red dialog. Or, you can sign it without WinQual with your own cert (from step “a” above or such), this will make the yellow dialog of “Do you trust software from this company”?
The dialog can only be answered by interactively logged-on admin. Otherwise, the driver package install fails.
After the driver package is installed to driver store, no more checks are made.
Pre-Vista, this dialog cannot be suppressed at all. On Vista+, this dialog can be suppressed by installing your cert to Trusted Publishers. More so, the yellow dialog described above has the checkbox of “always trust”, which does exactly this.
To sign with WinQual, you need to a) deploy DTM b) run DTM tests over your driver c) save their logs d) open WinQual account e) pay some small money to MS f) submit your driver package with DTM logs to WinQual.
Usually, WinQual is an issue only for mass-market devices. If your device is a part of some vertical solution to a narrow market - then probably the yellow dialog (or the requirement to preinstall your cert to Trusted Publishers) is OK.
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
Dear Mr. Burn,
Sorry for using the wrong forum.
Why does microsoft insist that my driver will be digitally sign ?
The PCI card is a not a standard one (like ethernet controller or video adapter)
The server is part of a military system supplied to customers.
How can I digitally sign my device driver ?
Thanks,
Zvika
On Thu, Jan 20, 2011 at 6:42 PM, Don Burn wrote:
> This is really an NTDEV question. ?No you do not need to certify a driver if
> you mean by certify passing WHQL. ?You do need to digitally sign the x64
> version of the driver.
>
>
> Don Burn (MVP, Windows DKD)
> Windows Filesystem and Driver Consulting
> Website: http://www.windrvr.com
> Blog: http://msmvps.com/blogs/WinDrvr
>
>
>
> “Zvi Vered” wrote in message news:xxxxx@ntfsd:
>
>> Hello,
>>
>> I have to write a device driver for a PCI card installed on a Windows
>> Server R2 machine.
>>
>> I heard that under this OS, WDF device drivers must be certified.
>>
>> Is it true ?
>>
>> Till now I created WDF device drivers for Windows XP (SP2).
>>
>> No certification was required.
>>
>> Thanks,
>> Zvika.
>
>
> —
> NTFSD is sponsored by OSR
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
Unless you intend to submit your driver to WHQL, that is not a true statement. Only a 64bit driver must be digitally signed . 32 bit drivers do not require a signature.
Gary G. Little
----- Original Message -----
From: “Zvi Vered”
To: “Windows File Systems Devs Interest List”
Sent: Thursday, January 20, 2011 1:41:11 PM
Subject: Re: [ntfsd] Windows Server R2: Certification for WDF device driver
Dear Mr. Burn,
Sorry for using the wrong forum.
Why does microsoft insist that my driver will be digitally sign ?
The PCI card is a not a standard one (like ethernet controller or video adapter)
The server is part of a military system supplied to customers.
How can I digitally sign my device driver ?
Thanks,
Zvika
On Thu, Jan 20, 2011 at 6:42 PM, Don Burn wrote:
> This is really an NTDEV question. No you do not need to certify a driver if
> you mean by certify passing WHQL. You do need to digitally sign the x64
> version of the driver.
>
>
> Don Burn (MVP, Windows DKD)
> Windows Filesystem and Driver Consulting
> Website: http://www.windrvr.com
> Blog: http://msmvps.com/blogs/WinDrvr
>
>
>
> “Zvi Vered” wrote in message news:xxxxx@ntfsd:
>
>> Hello,
>>
>> I have to write a device driver for a PCI card installed on a Windows
>> Server R2 machine.
>>
>> I heard that under this OS, WDF device drivers must be certified.
>>
>> Is it true ?
>>
>> Till now I created WDF device drivers for Windows XP (SP2).
>>
>> No certification was required.
>>
>> Thanks,
>> Zvika.
>
>
> —
> NTFSD is sponsored by OSR
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
—
NTFSD is sponsored by OSR
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
Max answered your question. Go to VeriSign or GlobalSign for a Class-3 code signing certificate and sign your drivers yourself.
Gary G. Little
----- Original Message -----
From: “Zvi Vered”
To: “Windows File Systems Devs Interest List”
Sent: Thursday, January 20, 2011 1:41:11 PM
Subject: Re: [ntfsd] Windows Server R2: Certification for WDF device driver
Dear Mr. Burn,
Sorry for using the wrong forum.
Why does microsoft insist that my driver will be digitally sign ?
The PCI card is a not a standard one (like ethernet controller or video adapter)
The server is part of a military system supplied to customers.
How can I digitally sign my device driver ?
Thanks,
Zvika
On Thu, Jan 20, 2011 at 6:42 PM, Don Burn wrote:
> This is really an NTDEV question. No you do not need to certify a driver if
> you mean by certify passing WHQL. You do need to digitally sign the x64
> version of the driver.
>
>
> Don Burn (MVP, Windows DKD)
> Windows Filesystem and Driver Consulting
> Website: http://www.windrvr.com
> Blog: http://msmvps.com/blogs/WinDrvr
>
>
>
> “Zvi Vered” wrote in message news:xxxxx@ntfsd:
>
>> Hello,
>>
>> I have to write a device driver for a PCI card installed on a Windows
>> Server R2 machine.
>>
>> I heard that under this OS, WDF device drivers must be certified.
>>
>> Is it true ?
>>
>> Till now I created WDF device drivers for Windows XP (SP2).
>>
>> No certification was required.
>>
>> Thanks,
>> Zvika.
>
>
> —
> NTFSD is sponsored by OSR
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
—
NTFSD is sponsored by OSR
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer