Signing Drivers during Development and Test (Windows Vista and Later)

Test-signing refers to using a test certificate to sign a prerelease version of a driver package for use on test computers. In particular, this allows developers to sign kernel-mode binaries by using self-signed certificates, such as those the MakeCert tool generates. Starting with Windows Vista, this capability allows developers to test kernel-mode binaries on Windows with driver signature verification enabled.

Note  Windows Vista and later versions of Windows support test-signed drivers only for development and testing purposes. Test-signed drivers must not be used for production purposes or released to customers.

To get a better understanding of the steps that are involved to test-sign driver packages, review the following topics in this section:

Introduction to Test-Signing

This topic describes the reasons why test-signing a driver package is important, and provides a high-level summary of the test-signing process.

How to Test-Sign a Driver Package

This topic provides a high-level overview of the test-signing process, and reviews many examples of test-signing by using the ToastPkg sample driver package within the Windows Driver Kit (WDK).

For more information about the test-signing process, see the following topics:

WHQL Test Signature Program (Windows Vista and Later)

Test Certificates

Test-Signing Driver Packages

Installing Test-Signed Driver Packages

Installing an Unsigned Driver during Development and Test

 

 

Send comments about this topic to Microsoft

Build date: 5/16/2013