How to install unsigned drivers


This blog post has moved to https://matthewvaneerde.wordpress.com/2011/09/14/how-to-install-unsigned-drivers/

Comments (4)

  1. xpclient says:

    F8 worked with the Vista/Windows 7 bootloader, but it didn't work reliably in cases where the boot delay was set to 0 seconds. (blogs.msdn.com/…/the-space-bar-is-the-new-f8-when-it-comes-to-vista-and-server-2008-boot-options.aspx). The official key to show the boot screen/F8 options was Space bar which worked properly for all cases. Now not only is pressing Shift+F8 together at just the right time before the OS begins to boot not easy but Space or Shift+Space no longer works. Can't it be a single keystroke that works reliably even if the boot delay is set to 0 seconds?

  2. V. says:

    Do I understand right, that, to run the driver without "testsigning on" or "F8 trick", it must be signed with commercial code signing certificate?

    I've looked a bit, such certificates cost about $200 per year… Not bad business, hehe.

  3. If I read that article correctly…

    > Digitally signing kernel-mode software is similar to code-signing any software that is published for Windows

    … would imply that there are four ways to run code:

    1. unsigned. This is enabled by default, for all x86 code; for user-mode 64-bit code; and for no ARM code.

    2. self-signed. This requires generating your own root certificate (once), adding it to the Trusted Certificate Store when installing the code.

    3. signed by Microsoft. Microsoft will sign your driver, or your Windows Store app, if the code passes certain tests. Some of the stricter forms of audio DRM allow apps to require that the audio driver be signed this way.

    4. signed by someone else, whose root certificate is already in the Trusted Certificate Store.

    I haven't tried installing a driver with a trusted self-signed certificate myself, though.

Skip to main content