How to sign my driver so it will install on Windows 7 64-bit?

Question

I have a kernel mode driver and I have to install t on 64 bit Windows 7. It needs to be digitally signed. I digitally signed it using the dseo13b.exe. But when I load the driver I get an error in the system event log saying:

The driver failed to start due to the following error:
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

I don't want to use the testsigning mode. How do I resolve this? Do I need to get a certificate from Microsoft?

I have developed the driver and am now making it work on the 64 bit machine...

Answer 1

Two useful resources to sign drivers

Windows 7

Windows Server 2012 and Windows 8.1(kind of)

summery:

1.Get a RSA certificate from(Digicert or Verisign or anywhere in your budget) or create a certificate yourself if you need to install it only in your computer

2.When you have a certificate you will also have a private key

3.To distribute the driver you need this certificate to be traceable, Microsoft uses a system called Trusted Root Certification Authority.Now there are other authorities that gives certificate beside these but they will need windows update to verify those. type certmgr.msc to get the list. And look for the ones with code signing permission

4.Either add the certificate in that list or get a certificate from that list

5.Sign the driver with the certificate[details in the links above]

6.Now distribute the driver

there are many tutorials in internet for signing a driver. NB: WHQL is a pricey option you can consider if your company can manage to pay