How to Release-Sign a Driver Package
This section provides the basic steps that you have to follow when you release-sign a driver package. This includes the following:
Obtaining a Software Publisher Certificate (SPC) from a commercial certificate authority (CA).
Release-signing the driver package's catalog file.
Release-signing a driver through an embedded signature. You have to embed a digital signature within the driver if the driver is a boot-start driver.
Each topic in this section describes a separate procedure in the release-signing process, and provides the general information that you have to understand about the procedure. In addition, each topic points you to other topics that provide detailed information about the procedure.
Throughout this section, separate computers are used for the various processes involved in release-signing a driver. These computers are referred to as follows:
- Signing computer
This is the computer that is used to release-sign a driver package for Windows Vista and later versions of Windows. This computer must be running Windows XP SP2 or later versions of Windows. To use the driver signing tools, this computer must have the Windows Vista and later versions of the Windows Driver Kit (WDK) installed.
- Test computer
This is the computer that is used to install and test the release-signed driver package. This computer must be running Windows Vista or later versions of Windows.
When discussing the release-signing process, the topics of this section use the ToastPkg sample driver package. Within the WDK installation directory, the ToastPkg driver package is located in the src\general\toaster\toastpkg directory.
This section contains the following topics: