none
Does Attestation Signing work for Windows 2016. RRS feed

  • Question

  • Microsoft doc says,

    An attestation signed driver will only work for Windows 10. It will not work for other versions of Windows, such as Windows 8.1, Windows 7, or any Windows Server versions.

    But few MSDN blogs says, Microsoft doc was not updated and above comment is blatantly wrong.

    ============================

    Actual issue is as below

    We recently encountered an issue with customer loading the filter device driver with windows server 2016 and secure boot enabled option, below is the error message.

    "Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source".

    To fix this, we went through Microsoft docs but doc says from windows 10, WHQL signing is mandatory for driver signing and blog says attestation signing. which one is true?.

    Is attestation signing will enough to me to proceed for signing the device driver or do we need WHQL?. please confirm.

    Please help us on the same.


    • Edited by Yanadi Tuesday, July 23, 2019 5:40 AM
    Monday, July 22, 2019 3:47 PM

Answers

  • The original plan was that attestation signing would be for Windows 10 only, and both Server 2016 and Server 2019 would require full WHQL certification.  Due to industry pressure, they have abandoned those plans.  The requirements for Server 2016 and 2019 are exactly the same as the requirements for Windows 10.

    Tim Roberts | Driver MVP Emeritus | Providenza & Boekelheide, Inc.

    Tuesday, July 23, 2019 10:19 PM