Windows 10: Error code 52 in device manager with correct signature in cross-signed driver

社会主义新天地 提交于 2019-12-06 04:51:58
Florian Straub

Potential solutions to this were not dual signing the cat file and checking the root certs of the customer's pcs. I also learned that the error message in setupapi.dev.log is perfectly normal

After some research with a lot of apparently contradictory Microsoft documentation I finally landed at https://docs.microsoft.com/windows-hardware/drivers/install/kernel-mode-code-signing-policy--windows-vista-and-later- where it says:

"Note: Starting with Windows 10, version 1607, Windows will not load any new kernel mode drivers which are not signed by the Dev Portal.

[...]

Cross-signed drivers are still permitted if any of the following are true:

The PC was upgraded from an earlier release of Windows to Windows 10, version 1607.

Secure Boot is off in the BIOS.

Drivers was signed with an end-entity certificate issued prior to July 29th 2015 that chains to a supported cross-signed CA."

And it turned out that Secure Boot was enabled on none of our testing machines, but exactly on the customer machines that had the problem.

Now we have to perform a WHQL certification with the driver. Fortunately there are companies which offer this as a service, so we don't have to maintain a certification machine pool.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!