I have a Windows kernel driver that I have signed with a DigiCert EV code signing certificate. Unfortunately, Windows 10 rejects the file even though it is signed by me and Microsoft.
This is what I did:
I submitted the package to the Windows Partner Center as a hardware submission, and it was successfully signed by Microsoft. I selected every listed version of Windows that was not ARM based, for what signatures I was requesting.
I run this command to confirm that the driver is signed well enough for Windows to accept it:
signtool verify gsllc.sys
It gives the following response:
SignTool Error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Number of errors: 1
When I attempt to load the driver into Windows 10, current version, the event log shows the following error:
The gsllc service failed to start due to the following error: A certificate was explicitly revoked by its issuer.
My certificate is only days old, and it hasn't been revoked according to DigiCert.
Anybody have any idea what could be wrong here?