Can I install an x64 driver with a test certificate WITHOUT disabling the driver signature?


I'm developing a virtual driver and QA needs to check out the x64 version on several Windows 7 machines. I have strictly followed the instructions on generating a certificate for test purposes, but I still have some problems. So, I've done the following steps:

Makecert -r -pe -n "CN=TestCertForWDK" -ss "TestCert" mccert.cer

I've added the following two lines to the installer to install the certificate automatically on the remote machines:

certmgr.exe -add mccert.cer -s -r localMachine root
certmgr.exe -add mccert.cer -s -r localMachine trustedpublisher

And

Inf2cat.exe /driver:D:\Projects\MyDrv\package\ /os:7_X64

And finally

signtool sign /a /v /s "TestCert" /n "TestCertForWDK" mydrv.cat
signtool sign /a /v /s "TestCert" /n "TestCertForWDK" mydrv.sys

BTW, at first I tried installing via devcon. It reported "devcon succeeded", but the device in Device Manager was marked with a yellow exclamation mark (not trusted signature).

Later, I tried using hdwwiz. When I manually enter the path to the driver (Have Disk), hdwwiz shows that the driver has a signature and installation proceeds without any warnings. But after that, as I've already mentioned, the device is not working because of an invalid signature (yellow "!").

I have an account on Winqual, but the driver is still in a development state, and I don't want to pay money for submission yet. Am I doing something wrong? Is it possible to install an x64 driver with my own makecert.exe-generated certificate and without disabling driver signature enforcement on the end-user PC (this is not acceptable for me)?

Best answer

Unfortunately, you need to have it cross signed by Microsoft as well. See here for more details.

Even if you want to use your own test certificate, you need to make changes using the BCDEdit tool.

bcdedit.exe /set {boot-entry-guid} testsigning on

This will allow your test certificate to be used. This is the only way to use a test certificate.
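
The following diagnostic is an added example, not part of the original question or answer. It reports, on a test machine, the three things this thread turns on: whether the test certificate is in the machine stores, whether test signing is on for the current boot entry, and whether the package passes the Authenticode policy versus the kernel-mode policy. The names TestCertForWDK, mydrv.cat, mydrv.sys and the package path come from the question; signtool.exe on PATH is an assumption.

```powershell
# Added diagnostic, not from the original post. Run from an elevated prompt.
# Assumes signtool.exe (WDK/SDK) is on PATH; names below come from the question.
param(
    [string]$PackageDir = 'D:\Projects\MyDrv\package',
    [string]$Subject    = 'CN=TestCertForWDK'
)

function Test-CertInStore([string]$StoreName, [string]$SubjectName) {
    # True when a certificate with this exact subject is in the machine store.
    [bool](Get-ChildItem "Cert:\LocalMachine\$StoreName" |
        Where-Object { $_.Subject -eq $SubjectName })
}

function Get-TestSigningState {
    # Quote the braces, or PowerShell parses {current} as a script block.
    # The value text (Yes/No) may be localized; the key name is what we match.
    $m = bcdedit.exe /enum '{current}' |
        Select-String '^testsigning\s+(\S+)' | Select-Object -First 1
    if ($m) { $m.Matches[0].Groups[1].Value } else { 'not set' }
}

function Test-SignToolPolicy([string]$PolicySwitch, [string]$Cat, [string]$File) {
    # /pa = default Authenticode policy, /kp = kernel-mode driver signing policy.
    # signtool verify exits with 0 only when verification succeeds.
    & signtool.exe verify $PolicySwitch /c $Cat $File 2>&1 | Out-Null
    $LASTEXITCODE -eq 0
}

$cat = Join-Path $PackageDir 'mydrv.cat'
$sys = Join-Path $PackageDir 'mydrv.sys'

[pscustomobject]@{
    InRootStore        = Test-CertInStore 'Root' $Subject
    InTrustedPublisher = Test-CertInStore 'TrustedPublisher' $Subject
    TestSigning        = Get-TestSigningState
    AuthenticodeOk     = Test-SignToolPolicy '/pa' $cat $sys
    KernelPolicyOk     = Test-SignToolPolicy '/kp' $cat $sys
} | Format-List
```

A result where both store checks and AuthenticodeOk are True while KernelPolicyOk is False and TestSigning is "not set" is consistent with the symptom in the question: installation reports success, but the driver is then rejected at load time.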