I have custom Windows driver which is used until now without signature. I want to sign it to avoid warning messages while installing on Windows 7 and allow installation on Windows 10 without need to disable some options. Currently I test with self signed certificate and the plan is to buy real certificate when tests are finished. There are 3 questions:
1) My first test is on Windows XP (VM). XP said that driver is signed at the beginning of installation but later was displayed a message "The software... has not passed Windows Logo testing to verify its compatibility...". The same message was displayed before with unsigned driver. Is it necessary to do something else for "Windows Logo testing" or it depends on type of certificate? Can it be installed on Windows 10 without such Windows logo testing?
2) The driver signature is made on .CAT file and by this way all files are identified. Is it necessary to sign the .DLL-s separately?
3) My current WDK is old version and Inf2cat tool does not have /os option for Windows 10 (10_X64). If the signature is for Windows 7 (/os:7_X64), can it be installed on Windows 10?
Which is your driver, kernel mode or user mode?
I don't know about user mode drivers well, so I answer about kernel mode drivers.
1)
If you want to install kernel mode driver on Windows10, it should be signed by Microsoft.
See also:
https://blogs.msdn.microsoft.com/windows_hardware_certification/2016/07/26/driver-signing-changes-in-windows-10-version-1607/
2)
No. You only need to sign .CAT file.
3)
You can install driver which have signature for Windows 7, if it has Attestation Signing.
https://learn.microsoft.com/en-us/windows-hardware/drivers/dashboard/attestation-signing-a-kernel-driver-for-public-release
Related
I've office 365 install in my system (64 bit) and my OS is windows 10 Enterprise(64 bit). I've downloaded bi publisher desktop from this location and installed 64 bit version of it using Administrator access.
After installing I can't see any Ribbon 'Bi Publisher' in my Word application. Also, I can't see this add-in in File->Options->Add-in window. I checked all options (Active/Inactive/COM Add-in/Disable Items) but this addin is not there at all.
I searched many blogs where they are suggesting to run below file -
C:\Program Files\Oracle\BI Publisher\BI Publisher Desktop\DotNetInstallFiles\TBAddInSetup64.msi
but when I'm trying to run this, it throws an error "Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove program on the Control Panel'
Can anybody suggest me how to populate this ribbon in Office 365(64 bit)?
I had the same issue, solved by unistalling (C:\Program Files\Oracle\BI Publisher\BI Publisher Desktop\DotNetInstallFiles\TBAddInSetup.msi) in order to install (C:\Program Files\Oracle\BI Publisher\BI Publisher Desktop\DotNetInstallFiles\TBAddInSetup64.msi).
I think that the another version without the "64" it's the 32 bits version and in my case, my windows and office are 64 bits so I think that I must have the 64 bits version of that programm.
After all of this, if you don't see the pluging, check it on Windows/Archive/Options/Complements/Manage(Complements COM)/Go
And you should see BIPublisher available for choose
I ran into the same issue. I have separate accounts for development work and administration. I installed with the admin login but the add-in would not run under my developer credentials. Apparently Oracle expects you to only run Word under the same admin-enabled account that was used to install the software. My Desktop Support department had to grant admin to my dev account, install and then drop the admin permissions. So now it's installed and runs under Dev, but the Preview function throws a Java error.
If you are not an administrator on your pc, probably an admin user installed the Add-in. If so, with your user logged in, run: C:\Program Files\Oracle\BI Publisher\BI Publisher Desktop\DotNetInstallFiles\TBAddUser.exe
I have Mirth Connect Version 2.2.3.6825 installed on RHL I want to access my Mirth my Local Machine which have Java 1.8(Java 1.7 it Work fine), I am not able to launch the Administrator tool of Mirth. When I clicked on the administrator button, It opened the window saying starting application after giving User name and Password it give error 'There was an error connecting to the server at the specified address. Please verify that the server is up and running'
http://www.mirthcorp.com/community/wiki/display/mirth/System+Requirements
Java 8 should work with version 2.2.3, but you must be using the Oracle JRE. OpenJDK only recently became supported with version 3.7.
You may also want to try using the new Administrator Launcher available on the mirth downloads page. It comes bundled with a Java 8 JVM so that you don't need to install one separately. It works with all versions of mirth from 2.x and up. See announcement here: https://www.mirthcorp.com/community/forums/showthread.php?t=218662
I have a driver which is signed using the steps in this link:
http://technet.microsoft.com/en-us/library/dd919238(v=ws.10).aspx
When i try to install this driver on Windows 8.1 it fails. The driver can install on all other Operating Systems.
When i restart the computer and disables driver signature enforcement and start the driver install then a message appears saying that the publisher of the driver is unkown and asks me if i want continue the install or not. If u choose to install then the driver is installed on Windows 8.1. So the problem must be something with the driver signature i guess.
Taken from the link: "The driver is marked as "Not Trusted" because Windows cannot validate the certificate against any of the trusted certificates in the per computer Trusted Root Certification Authorities store".
As this driver is meant to run on customer machines this problem is really annoying.
So:
Will this problem be solved if i make the driver marked as "Trusted" - and how do I do that?
Or does someone know an easier workaround for this problem?
You should try using /tr instead of /t because I have experienced trouble with the /tr option as described in my article, Practical Windows Code and Driver Signing.
What exactly do you mean by "it fails"? What error message do you get, or what unexpected behavior? Could you post the .CAT file here so we can look at your signature? Does your certificate your SHA1 or SHA2? What about the CAT file and the signature of the CAT file?
You could consider buying a certificate instead of making one yourself. Then you wouldn't have to worry about putting your certificate in the Trusted Root Certification Authorities list and the Trusted Publishers list on all of your customers' computers.
Short description: I have a signed driver that passes SignTool verification but Windows refuses to load it with error: CodeIntegrity 3004 - file hash not found on system. How do I fix this?
Long description:
I'm using the Cypress Suite USB 3.4.7 development kit to create a USB driver for our instrument to run under Windows 7 64-bit. I've configured the INF with the proper IDs and the unsigned driver works fine as long as I by bypass driver signature enforcement. I want to create a signed driver and have been following the steps described in http://www.davidegrayson.com/signing/
I've created a catalog file using Inf2Cat v3.2 with the /os:7_X64 flag among others. I'm using SignTool /sha1 to sign and can verify signatures on the .cat and cyusb.sys files. File explorer shows that both files have digital signatures and the advanced tab shows "This digital signature is OK."
I plug in my USB device and it shows up as an Unknown device in device manager. I select Update Driver and I see a screen stating that the driver is signed by me. I continue and after a few moments the installation fails stating that the driver is not properly signed. The eventviewer shows a CodeIntegrity error 3004, "Windows is unable to verify the image integrity of CYUSB.sys because the file hash could not be found on the system"
I haven't been able to find an explanation for this "file hash" that could not be found. Any help with how to further troubleshoot and resolve this issue would be GREATLY appreciated!
The error message in the event log is misleading. The missing "file hash" is really a Microsoft Root level certificate. I had my driver signed by GlobalSign ObjectSign CA which was a valid signature but I did not specify the cross-certificate which links GlobalSign to the Microsoft root certificate.
To clearly detect the original error I needed to use SignTool Verify with the /kp switch which tests for kernel level permissions needed by this USB driver. Using that switch I got an error clearly stating it couldn't find the Microsoft root certificate.
I downloaded the cross certificate for GlobalSign here: http://msdn.microsoft.com/en-us/library/windows/hardware/dn170454(v=vs.85).aspx
Using /ac switch with SignTool Sign I was able to sign the .cat file with a chain that went down to the Microsoft root certificate. This driver successfully installed on a Win 7 64-bit system. Victory!
Alright, I was tasked to develop a Windows Service that listens to a directory for files that are dropped in it, read them, delete them and print out a report.
I installed the service on my work laptop (Win 7 x86) and a test machine (XP x86) under a User account at first. It would do everything as it should except the print the report. No errors, nothing. Then I made it run under Local System and it produced a "No printers found" exception.
Converting the app to a Console Application and running on these machines gave the desired result. OK, so now I was assuming that there are security "stuff" involved.
Then I installed the service on a Server 2008 x64 machine (under Local System) and it just worked. Can anybody explain to me why this is happening? Why does the service allow printing from Server OS but not from a Desktop OS or am I missing something very obvious?
I'm guessing that the printers are installed locally on the server but installed as network printers on the desktop. Local System only have access to local printers.