View Single Post
  #2  
Old 01-26-2023, 12:15
Elisa3167 Elisa3167 is offline
Friend
 
Join Date: Dec 2022
Posts: 4
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 10 Times in 3 Posts
Elisa3167 Reputation: 0
After you get a WHQL certificate, you have to add SHA-256 /fd 256, /td 256 and external timestamp to the command-line.

If you don't add an external timestamp, the codesign is considered "no-good" so you must add /tr.

Example:
signtool.exe sign /v /n "YourDrivername" /fd sha256 /td sha256 /tr http://timestamp.example.com/rfc3161 DriverFile.sys

Assuming you have a smartcard and smartcard reader, you have to sign-in to the smartcard device, then sign the EXE.

If you have a laptop, you need carry a mobile smartcard reader.

Advice.
Carry the smartcard around with you... Don't leave it for someone to take it...
Reply With Quote
The Following 3 Users Say Thank You to Elisa3167 For This Useful Post:
niculaita (01-27-2023), Stingered (01-26-2023), tonyweb (01-29-2023)