Changes between Version 3 and Version 4 of BuildingTapWindows6
- Timestamp:
- 04/19/16 09:30:48 (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
BuildingTapWindows6
v3 v4 45 45 '''NOTE:''' According to Microsoft Inf2Cat requires a full path to the driver directory. 46 46 47 == Adding signatures usingsigntool.exe ==47 == Signing files with signtool.exe == 48 48 49 Adding a signature using a (non-EV) certificate stored in a pfx file. This bypasses the Windows certificate store entirely, thus simplifying things a bit: 50 49 Sign a file using a (non-EV) certificate stored in a pfx file. Note that this process is not suitable for EV certificates, which are probably all stored in some sort of dongle and thus only visible through the Windows Certificate Store: 51 50 {{{ 52 signtool.exe sign /v /ac <cross-certificate> /t <timestamp-url> /f <pfx-file> /p <pfx-password> < drivername>.cat51 signtool.exe sign /v /ac <cross-certificate> /t <timestamp-url> /f <pfx-file> /p <pfx-password> <file> 53 52 }}} 54 Example:53 Sign a driver with the "best" certificate found from the certificate store. This should work if there is only code-signing certificate in the store: 55 54 {{{ 56 signtool sign /v /ac digicert-cross-cert.crt /t http://timestamp.digicert.com /f kernel-mode.pfx /p <password> tap6/amd64/tap0901.cat 55 signtool.exe sign /v /ac <cross-certificate> /t <timestamp-url> /a <file> 56 }}} 57 Sign a driver using a certificate under ''Currentuser\My'', selecting the right certificate based on a substring of the certificate's subjectname: 58 {{{ 59 signtool.exe sign /v /ac <cross-certificate> /t <timestamp-url> /s My -n <subjectname> <file> 60 }}} 61 Examples: 62 {{{ 63 signtool.exe sign /v /ac digicert-cross-cert.crt /t http://timestamp.digicert.com /f kernel-mode.pfx /p <password> tap6/amd64/tap0901.cat 64 signtool.exe sign /v /ac digicert-cross-cert.crt /t http://timestamp.digicert.com /s My -n <subjectname> tap6/amd64/tap0901.cat 57 65 }}} 58 66