Verifying the Signature of a Release-Signed Driver File
To verify an embedded signature in a driver file that is created by a Software Publisher Certificate (SPC), use the following SignTool command:
SignTool verify /v /kp DriverFileName.sys
Where:
The verify command configures SignTool to verify the signature that is embedded in the driver file DriverFileName.sys.
The /v option configures SignTool to print execution and warning messages.
The /kp option configures SignTool to verify that the signature that is embedded in DriverFileName.sys complies with the kernel-mode code signing policy and the PnP device installation signing requirements for Windows Vista and later versions of Windows.
DriverFileName.sys is the name of the driver file.
For example, the following command verifies that Toaster.sys has a valid embedded signature. In this example, Toaster.sys is in the amd64 subdirectory under the directory in which the command is run.
SignTool verify /kp amd64\toaster.sys
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for