How to get rid of "windows can't verify the publisher of this driver software" window?

Question

How to get rid of the "Windows can't verify the publisher of this driver software" window? Policy setting didn't work.

I have tried the following suggested solutions however neither one has worked. I am working on Driver Validation test automation using C# language and I would like to avoid the user interaction while installing/uninstalling drivers. Could you please help me getting rid above security warning?

Two ways I have tried which did not work:

Command line:

1. open the command line with "Run as Administrator" and excute the following commands:
   bcdedit.exe -set load options DDISABLE_INTEGRITY_CHECKS bcdedit.exe -set TESTSIGNING ON

2. Restart your computer

Policy:

1. Open gpedit.msc
2. Expand User Configuration> Administrative Templates > System > Driver Installation
3. In the right panel, double click on ‘Code Signing for Device Drivers’.
4. Choose ‘Enabled’ in the window that appears. In the underlying options, choose ‘Ignore’. This disables drivers signing in Windows 7, and now you can install unsigned drivers in Windows 7.
5. Click Apply, OK. Restart your computer to install unsigned drivers.

The solutions provided by the tech expert members didn't solve my problem. Can anybody provide a working solution? I would be highly appreciate it.

Answer 1

I was reading about this issue. Please refer Gizmo001 answer on social technet forum.

Import the certificates prior to install
Follow these steps:
1. install the software once manually by confirming that the unsigned drivers shall be used
2. go to %windir%\inf and search for the latest OEM??.INF file; open it (notepad) and verify by its contents that this is the driver you wish to install automatically next time
3. go to %windir%\system32\catroot{any ID}\OEM??.CAT (<- same number as in step 2); right click on this file, select properties, go to "Digital Signatures" tab, mark the certificate, click on details
4. on the next window click "Show Certificate"
5. on the next window open the "Details" tab and click "Save to File..."
6. collect this/all certificates
7. deploy these certificates
7.1 either in a batch /cmd script using "certutil.exe -f -addstore "TrustedPublisher" "MYFILE.cer" prior to setup
7.2 or by Group Policies (computer \ Policies \ Windows \ Security \ Public Key Policies \ add your files here )
8. run your setup just the way you wanted