ricktendo64 Posted October 30, 2014 Report Share Posted October 30, 2014 I know a guy who is doing a unofficial service pack 4 for XP and I had a couple drivers INF that I updated and needed to be signed, so I asked him if he could do it and he did... All that was needed after this was to apply a REG file to make the certificate he uses 'Trusted' and then one can install the INF without the need to Disable Driver Signature Enforcement Here are the drivers in case you think this would be a good idea http://adf.ly/1713566/winusbdrvMD5: 1f4767332798a2f57cbca2baeab9d659Size: 8.50 Quote Link to comment Share on other sites More sharing options...
erp-ster7n Posted November 4, 2014 Report Share Posted November 4, 2014 does this tip apply to Windows versions like Vista, 7 & 8.x? what about XP? Quote Link to comment Share on other sites More sharing options...
ricktendo64 Posted November 4, 2014 Author Report Share Posted November 4, 2014 The INF and files are signed for Vista and 7 x86/x64, I asked him to leave out XP because there was no need for it These are some instructions on how he does the signing http://www.ryanvm.net/forum/viewtopic.php?p=136382#136382 Quote Link to comment Share on other sites More sharing options...
ricktendo64 Posted November 17, 2014 Author Report Share Posted November 17, 2014 OK so I found a pretty EASY way to create a PFX for use with signing drivers, its SelfCert 1- Use SelfCert to generate your PFX, input these into the dialog boxes x.500 distinguished name: cn=name_here,o=org_here,e=email@example.com Key size: 2048 Valid from: today Valid to: your choice (5-10 yrs is good IMO) Now put in a password in and save as PFX Here is a example list from a WHQL cert with other optional information you can use in distinguished name selfcert box: CN = Microsoft Windows Hardware Compatibility PCAO = Microsoft CorporationL = RedmondS = WashingtonC = US E = Your Email OK now that you have your PFX, you can generate a CAT for your modded driver and sing it (you will need the latest Windows Driver Kit) Re-generate a new CAT with Inf2Cat Inf2Cat /driver:<path_to_folder_with_INF_&_Files> /os:Vista_X86,Vista_X64,Server2008_X86,Server2008_X64,7_X86,7_X64,Server8_X64,8_X86,8_X64,Server6_3_X64,6_3_X86,6_3_X64 Sign the new CAT with your PFX signtool sign /f <filename>.pfx /p <password> "<path_to_folder>\nv_disp.cat" Finally timesamp your CAT signtool timestamp /t http://timestamp.verisign.com/scripts/timstamp.dll "<path_to_folder>\nv_disp.cat" Now what you need to do, is get the cert from your PFX, install it in the Trusted Root Cert. Auth. and get the reg from this to give to users to apply If the admin needs help with this I would be willing to help over Skype, PM me if interested Quote Link to comment Share on other sites More sharing options...
mobilenvidia Posted November 19, 2014 Report Share Posted November 19, 2014 I'll have a closer look at this once i get my self sorted with new ISP, currently surfing via Cellphone, bit cumbersome Taking a bit of time to get it setup. definitely very interesting stuff Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.