none
Driver Signing Utils RRS feed

  • Question

  • I have used Inf2Cat and SignTool to test sign my custom printer driver (postscript). These exes are from Windows Kits-8. This works perfectly fine and driver gets installed without the alert message (Windows Can't varify Publisher of this driver software) even in Windows 8 and Windows Server 2012. I have Inf file and ppd file in my driver package. Catalog file will be generated by Inf2cat tool and SignTool is used to sign the same using Test Certificate.

    However, In production case, even my ppd file will change based on the user's preferences (like default page size etc.,). As ppd gets changed, siging will be come invalid and driver installer will prompt publisher warning. To resolve this, I need to sign the drive everytime my ppd changes.To do this I need these tools Inf2Cat and SignTool. As these components are part of WDK which is ~2GB in size, I can't ship my product with the WDK. Is there any option where I can get only these tools (smaller size) which can be included in my product. I tried to extract only these utils/exes and the dependencied. However, this did not work in other environments.

    Any help will be appreciated.

    Monday, November 26, 2012 5:41 AM

All replies

  • you are not allowed to redist this tools. but i don't think the actual PPD changes each time the preferences change, otherwise each printer driver would be resigning on every change and i strongly suspect that doesn't happen.

    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Monday, November 26, 2012 6:54 AM
  • Thanks for the clarification Doron.

    We provide the functionality where users get UI to customize the ppd configs. Based on your reply, we cant sign these changing ppds?

    Monday, November 26, 2012 9:46 AM
  • Ramaprasad,

    As I understand your scenario, you are providing a product to IT administrators where they can change the default options of a driver by changing the contents of the PPD files in a package. Doron is correct that this isn't a scenario we support, however, you can deliver the scenario without changing the driver.

    Instead of changing the driver, just change the default settings. You can do this using PowerShell's Set-PrintConfiguration cmdlet (available on Windows 8/Server 2012 only, though you can remotely manage earlier servers (2008 and above). Your app can also call this cmdlet on the user's behalf. This won't remove features from the driver, but it will allow admins to configure the default configuration for all users of a particular print queue.

    Thanks

    Justin

    Monday, November 26, 2012 6:06 PM