Table of contents
Collapse the table of content
Expand the table of content

Signing Drivers during Development and Test

Last Updated: 7/30/2016

Test-signing refers to using a test certificate to sign a prerelease version of a driver package for use on test computers. In particular, this allows developers to sign kernel-mode binaries by using self-signed certificates, such as those the MakeCert tool generates. Starting with Windows Vista, this capability allows developers to test kernel-mode binaries on Windows with driver signature verification enabled.

Note Windows Vista and later versions of Windows support test-signed drivers only for development and testing purposes. Test-signed drivers must not be used for production purposes or released to customers.

To get a better understanding of the steps that are involved to test-sign driver packages, review the following topics in this section:

Introduction to Test-Signing
This topic describes the reasons why test-signing a driver package is important, and provides a high-level summary of the test-signing process.

How to Test-Sign a Driver Package
This topic provides a high-level overview of the test-signing process, and reviews many examples of test-signing by using the ToastPkg sample driver package within the Windows Driver Kit (WDK).

For more information about the test-signing process, see the following topics:

WHQL Test Signature Program

Test Certificates

Test-Signing Driver Packages

Installing Test-Signed Driver Packages

Installing an Unsigned Driver during Development and Test

© 2017 Microsoft