Windows Driver Kit: Device Installation
Commercial Release Certificate
In this documentation, a commercial release certificate refers to a digital certificate that a publisher obtains from a trusted, third-party, commercial certification authority (CA) that is a member of the Microsoft Root Certificate Program. GTE and VeriSign, Inc are two examples of such CAs. A CA that is a member of this program validates the identity and entitlement of an applicant and then issues a certificate that the applicant uses to sign its drivers. The signing process stamps the driver with the publisher’s identity and can be used to verify that the driver has not been modified since it was signed.
For security reasons, you should not use a digital certificate that is used to release-sign drivers to test-sign drivers. You should obtain separate digital certificates to use for release-signing and for test-signing. For information about managing digital certificates, see Managing the Digital Signature or Code Signing Keys.
Follow the instructions provided by the CA about how to acquire and install the release certificate on a computer that you will be using to sign a driver.
For more information about obtaining a digital certificate from a CA, see the .gif)
Microsoft Root Certificate Program Members Web site.