wiki:TapWindows6CodesignTests

Version 1 (modified by Samuli Seppänen, 8 years ago)

Introduction

This page shows the test procedures for tap-windows6 Authenticode signatures, with a particular focus on the signatures made with the new EV SHA2 code-signing certificate.

Note that the driver will not work on Windows XP or Windows Server 2003, because those operating systems do not support the NDIS6 interface required by tap-windows6.

Testing the driver

The following two files contain a tap-windows6 driver that has been signed using an EV code-signing certificate. As such, it should load cleanly on Windows 10, as well as Windows 7.

The process for testing the driver is as follows:

  • Extract the driver package
  • Remove the previously installed driver (if present)
  • Install the new driver
  • If installation fails, install all Windows updates (if possible) and retry
  • Report your findings to samuli at openvpn dot net and optionally update the test matrix at the bottom of the page

More fine-grained instructions are below.

Preparations

All recent versions of Windows have zip support built in. The tar.gz file can be extracted with Git Bash, for example. Once you've extracted the package, launch a command prompt (cmd.exe) or a PowerShell session with administrator privileges. Then go to the driver directory:

> cd tap6-ev-signed\amd64

If you're running a 32-bit OS, replace "amd64" with "i386".

Next, check whether a conflicting tap-windows driver is installed:

> .\tapinstall.exe hwids tap0901
ROOT\NET\0000
    Name: Tap-Windows Adapter V9
    Hardware IDs:
        tap0901
1 matching device(s) found.

In this case there was.

Removing existing driver

If a tap-windows6 driver was installed, you need to remove it:

> .\tapinstall.exe remove tap0901
ROOT\NET\0000:          : Removed
1 devices(s) were removed.

You can verify the removal using ".\tapinstall.exe hwids tap0901" as shown above.

Installing the new driver

Once the old driver (if any) is gone, you can install the new tap-windows6 driver:

> .\tapinstall.exe install OemVista.inf tap0901

The above command attempts to install the driver. If Windows has any problems verifying the driver's publisher, it will complain about "Unknown publisher". In that case there is something wrong with the signature of the catalog file (tap0901.cat), which needs to be fixed.
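The steps above combined into one PowerShell session, as an added example that is not part of the original page: it first inspects the signature on tap0901.cat with Get-AuthenticodeSignature, then runs the same tapinstall.exe commands. The function name Get-CatalogSignatureReport is hypothetical, and the script assumes it is run elevated from the extracted driver directory.

```powershell
# Added example, not from the original page. Run elevated from the driver
# directory (e.g. tap6-ev-signed\amd64). Function name is hypothetical.
function Get-CatalogSignatureReport {
    param([string]$CatalogPath)
    $sig  = Get-AuthenticodeSignature -FilePath $CatalogPath
    $cert = $sig.SignerCertificate
    $signer = $null; $alg = $null; $top = $null
    if ($cert) {
        $signer = $cert.Subject
        # Algorithm the CA used to sign the signer certificate (e.g. sha256RSA);
        # this is not the digest algorithm of the file signature itself.
        $alg = $cert.SignatureAlgorithm.FriendlyName
        # Build the chain with the local certificate stores to find its top element.
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        [void]$chain.Build($cert)
        $n = $chain.ChainElements.Count
        if ($n -gt 0) { $top = $chain.ChainElements[$n - 1].Certificate.Subject }
    }
    New-Object PSObject -Property @{
        File = $CatalogPath; Status = $sig.Status; StatusMessage = $sig.StatusMessage
        Signer = $signer; CertAlgorithm = $alg; ChainTop = $top
        Timestamped = ($sig.TimeStamperCertificate -ne $null)
    }
}

# 1. Inspect the catalog signature before touching the installed driver.
$report = Get-CatalogSignatureReport -CatalogPath (Resolve-Path '.\tap0901.cat').Path
$report | Format-List File, Status, StatusMessage, Signer, CertAlgorithm, ChainTop, Timestamped
if ($report.Status -ne 'Valid') {
    Write-Warning 'tap0901.cat did not verify as Valid on this machine; include the output above in your report.'
}

# 2. Remove a previously installed tap0901 device, if tapinstall reports one.
$found = (& .\tapinstall.exe hwids tap0901 | Out-String)
if ($found -match '(\d+) matching device\(s\) found') {
    Write-Output "Removing $($Matches[1]) existing device(s)"
    & .\tapinstall.exe remove tap0901
}

# 3. Install the new driver and keep the exit code for the test report.
& .\tapinstall.exe install OemVista.inf tap0901
Write-Output "tapinstall install exit code: $LASTEXITCODE"
```

The Status value reflects the certificate stores of the machine running the check, so record whether all Windows updates were installed alongside it.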

Reporting results

Both positive (e.g. "Loads fine on Windows 7 32-bit") and negative ("Fails on Windows 10 64-bit") reports are much appreciated. The test results are published in the test result table, below.

Test results

tap-ev-signed

This driver package has one Authenticode signature made with a DigiCert EV SHA2 certificate, and DigiCert High Assurance EV Root CA (from here) was used as the cross-certificate.

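| Operating system      | Bitness | Installs?                       | Works? | All updates installed? | Tester  |
|-----------------------|---------|---------------------------------|--------|------------------------|---------|
| Windows Vista         | 32      | Yes, but publisher not detected | Yes    | No                     | selva   |
| Windows Vista         | 64      | -                               | -      | -                      | -       |
| Windows 7 (pro)       | 64      | Yes                             | Yes    | Yes                    | mattock |
| Windows Server 2008   | -       | No                              | No     | No                     | selva   |
| Windows 10            | 64      | Yes                             | Yes    | No                     | selva   |
| Windows Server 2012r2 | 64      | Yes                             | Yes    |                        |         |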