Disable -> "Windows can't verify the publisher of this driver software" popup


  • Hey Folks,

    Just wondering if anyone can tell me how I might go about doing this?  Here's the rundown.  I work for a company that produces hardware, and obviously, drivers to go with said hardware.  Now, I have no problem test-signing the drivers, works like a charm and my cert is on both build and test machine, good to go.  Here's the problem.  We build every night, as I assume many companies do, and we need a way to disable the warning popup that accompanies test-signed drivers (or unsigned). 

    Basically, we build and run regression on everything each night.  One of the steps is to take the installer, run it on a test machine, which installs the software and drivers.  Then, a test program is kicked on the test machine to make sure it's all working.

    This has always worked fine except for now when we try to get into Windows 7.  Now, when it's in the process of trying to install the drivers, there's a popup.  It's odd because the drivers are test-signed, certs are in trusted publisher/trusted root on both build and test machines and drivers are signed on the test machine.


    1: Seeing as the drivers are signed using a test-cert and test machine is booted into test mode, should I be getting the popup (as in, if I shouldn't then I did something wrong which would be awesome). 

    2: If the popup is supposed to be there, even though drivers are signed and test mode is on, how do I go about getting rid of it?

    Reading through some docs I notice that we're supposed to use test certs until we have finalized a version of the driver and then use a real cert to release it.  I am new to all this, so please go easy on me here (as in, if we're supposed to buy a certain cert first or anything like that, then please just let me know, as I do not currently know and am going on what I can find).

    PS: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows NT\Driver Signing does absolutely nothing (why is it even there?)

    PSS: Please only serious answers.  Answer asking why I might want to do this is not a valid answer.  This is a completely closed in set of machines so security is not an issue here.




    Monday, March 29, 2010 4:43 PM

All replies

  • Anyone at all?  Sure someone must also build/test regression like at night in this world and no one out there can point me in the right direction as to what I must do?  Buying WHQL every night would cost an absolute fortune and MS must know this so there has to be a way to get rid of the popup, I must be doing something wrong with the signing...  Please help.
    Monday, April 12, 2010 2:35 PM
  • matt_m,

    I feel your pain. I wish I had a solution for you. I'm looking for an answer to the exact same question. We build drivers and the than automatically push them into virtual machines for automated testing however the stupid box pops up that says cannot verify trusted publisher...blah blah.

    my vm is in test mode, i have test signed the driver and the .cat file. i have tried may different bcd settings combinations. UAC is completly turned off, vm account is set auto loggin and has full admin rights. yet i still get the popup and out automated testing is unable to run b/c of this.

    Would love love to know if you have found a solution?



    Monday, April 26, 2010 1:38 PM
  • figured it out actually

    your test cert need to be in the trusted root cert store AND the trusted publishers store

    Monday, April 26, 2010 2:39 PM
  • This doesn't help me in the least mate. Could you be any more obscure?
    Thursday, January 20, 2011 6:08 AM