This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 89%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Hi Team,
Recently we signed drivers with Microsoft after HLK test. While installing the drivers I am getting below error.
[SC] StartService FAILED 2148204812:
A certificate was explicitly revoked by its issuer.
Note : 1) I got a brand new USB EV certificate from Sectigo. I did register my certificate with MicroSoft before signing my application.
2) Performed HLK test and submitted drivers to MicroSoft. MicroSoft also signed my drivers.
3) I rebuild my application with the latest MicroSoft drivers before installing.
4) I have validated all the certificates on the .sys driver level and everything looks good.
Still, I am getting the above certificate error.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 10%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBC%3C/text%3E%3C/svg%3E)
Is the Microsoft signature publisher of your signed driver "Microsoft Window PCA 2010" or "Microsoft Windows Third Party Component CA 2012"?
Only "Microsoft Windows Third Party Component CA 2012" can work on Secure Boot enabled PC.
If the publisher of your singed driver is "Microsoft Window PCA 2010", you must resigned your driver and make sure the "Perform test-signing for Win10 and above" is not checked while you upgrading your HLK package.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 25%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Wow, thank you so much, this was exactly my issue! I tried to resubmit the package without "Perform test-signing for Win10 and above" and the newly signed driver worked great! Even paid Microsoft support could not help to identify this problem...
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 49%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAN%3C/text%3E%3C/svg%3E)
Thank you very much. It was my problem too. I was searching for a solution last days. Thanks again
Did you find solution to your issue? I'm facing exactly the same situation and problem. I also got a certificate, signed driver, performed HLK testing and got Microsoft signature. sc start service also says that the certificate has been revoked.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 8%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHH%3C/text%3E%3C/svg%3E)
Did you find solution to your issue? I'm facing exactly the same situation and problem. I also got a certificate, signed driver, performed HLK testing and got Microsoft signature. sc start service also says that the certificate has been revoked.