none
UMDF driver signing without WHQL RRS feed

  • Question

  • I'm new to driver development and signing of drivers.

    without any signing I get the following popup which is not acceptable:

    But we could live with such a popup (it's not my driver):

    Is it correct that by signing my driver I would get a popup like the one above? As far as I understand WHQL would be the next step to avoid even this popup, right?

    Does it work without WHQL and by accepting to see the above popup on all of the following plattforms: Win7 + Win8 (win32 and x64)?

    Regards,
    andy

    Thursday, February 27, 2014 4:55 PM

Answers

  • Yes there are two levels of signing.  One indicates the driver is from a known and trusted source, and allows drivers to be run on 64-bit.  The other level is WHQL signing which can remove all the popups.  Using code signing will allow 64-bit drivers, and give a lighter warning popup.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Thursday, February 27, 2014 4:59 PM

All replies

  • Yes there are two levels of signing.  One indicates the driver is from a known and trusted source, and allows drivers to be run on 64-bit.  The other level is WHQL signing which can remove all the popups.  Using code signing will allow 64-bit drivers, and give a lighter warning popup.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Thursday, February 27, 2014 4:59 PM
  • Well since it's a UMDF driver the driver runs on 64bit anyway. Does the "lighter warning popup" look like the second popup in my initial post?

    What are the approx. costs for the two levels?

    Thursday, February 27, 2014 5:18 PM
  • Does the "lighter warning popup" look like the second popup in my initial post?

    Yes

    What are the approx. costs for the two levels?

    If you can deploy your cert on the target machine, or persuade users to install it once (so your publisher cert is trusted on their machines), the additional cost is zero.

    Otherwise the cost is passing the complete HCT procedure (time, effort) + mandatory Verisign certificate to sign all stuff you submit to MS + per submission cost.

    Multiply by number of submissions. Every change or fix in your package will cost you.

    -- pa


    Thursday, February 27, 2014 5:35 PM