How to properly sign a driver for Windows 7 using the new WHQL approche? RRS feed

  • Question

  • I have a major problem getting my sandboxie driver working under windows 7.

    I ran the HCK tests and the HLK tests as required to get a signature from MSFT and in this hardware partner center web thingy it sees that it should work in w7 and w10 and returns a signed driver.

    That driver also works just fine under windows 10 but for some reason windows 7 still complains about the signature.

    I have the sha265 update for w7 installed so that's not it.

    Any idea what I may be doing wrong?

    I know one way of signing would be to sign the driver with a certificate that w7 accepts directly before submission and get from MSFT only the signature for w10 but as this will no longer work past April 2021 that's not a solution, see: https://docs.microsoft.com/en-us/windows-hardware/drivers/install/deprecation-of-software-publisher-certificates-and-commercial-release-certificates

    So I wanted to go the WHQL route and get a w10 and w7 signature from MSFT, and seemingly they are not complaining at any step of the process.

    Just that in the end it does not work for w7, why?!

    I already spent a week trying to get this to work but to no avail, so I wanted to inquire here if anyone has any experience with the new way of getting drivers signed to work on w7 and w10?

    Any help would be greatly appreciated.
    Saturday, December 12, 2020 8:59 AM