DPInst.exe -- can I digitally sign it? RRS feed

  • Question

  • DPInst.exe is a Microsoft Windows Kit redistributable that I add to my "driver package" to create my "driver installation package".

    However, in my Windows Kit 10, dpinst.exe is unsigned. This means that when I execute it, I get a UAC pop-up saying do I want to trust running something from an unknown publisher. I'd usually sign the program to at least identify that it came from my organization. However, I didn't create dpinst.exe, so I'm unsure what my "rights" are in redistributing it. I've googled a little, but not quite found what I want (I.e. verbiage saying that I am allowed to sign it).

    Do you sign dpinst.exe when you redistribute it in your driver package?

    Pointers to somewhere in the MSDN saying I have rights to sign it myself?



    Grrr, as soon as I post the question, I then find it:

    From here:


    Unidentified Publisher dialog on Windows Vista and later versions of Windows

    In Windows Vista and later versions of Windows, running DPInst.exe will cause a warning dialog box to be displayed that states that DPInst.exe is from an unidentified publisher. Microsoft intentionally did not digitally sign DPInst.exe because it is intended to be redistributed as part of your driver installation package. To avoid this dialog, digitally sign DPInst.exe using your own code signing certificate.


    Tuesday, November 10, 2015 5:28 PM


  • Instead of using DPinst in those cases, I typically make my own install program with the DifxAPI's.  This is really what DPinst is, and it is pretty easy to do your own.

    Don Burn Windows Driver Consulting Website:

    Tuesday, November 10, 2015 5:31 PM