Windows device installation uses digital signatures to verify the integrity of driver packages and to verify the identity of the vendor (software publisher) who provides the driver packages. In addition, the kernel-mode code signing policy for 64-bit versions of Windows Vista and later versions of Windows specifies that a kernel-mode driver must be signed for the driver to load.
Kernel-mode driver binaries embed signed with dual (SHA1 and SHA2) certificates from a third party certificate vendor for operating systems earlier than Windows 10 may not load, or may cause a system crash on Windows 10. To fix this problem, install KB 3081436.
- Overview of Digital Signatures for Driver Installation
- Managing the Signing Process
- Signing Drivers during Development and Test
- Signing Drivers for Public Release
- Troubleshooting Install and Load Problems with Signed Driver Packages
For general information about driver signing on Windows Vista and later versions of Windows, see the white paper Digital Signatures for Kernel Modules on Systems Running Windows Vista at the Windows Hardware Developer Central website.