Signing Device Driver Packages

Applies To: Windows Server 2008

You can sign a device driver package to provide a level of authentication and integrity to the package. You can configure client computers to trust a device driver package that you sign by placing your signing certificate in the Trusted Publishers store. A package that is trusted in this way does not ask the user whether the publisher is trusted, and thus simplifies the installation process. For more information about deploying your signing certificate, see Deploying Certificates to the Trusted Publishers Store.

Task requirements

The following is required to perform the procedures for this task:

• The code signing tools available as part of the Windows Driver Kit (WDK). To access the WDK, see https://go.microsoft.com/fwlink/?LinkId=59546. The specific tools required are Signability and Signtool.

To complete this task, perform the following procedures:

1. Acquire a Code Signing Certificate

2. Reference the Catalog File in the .Inf file

3. Create the Catalog File to Contain the Signature

4. Sign the Catalog File

5. Verify the Signed Catalog File