S
stouri
Guest
hello
I am using a network protocol driver since a long time
we have now some problems to install this driver on some new PCs with Windows 10
sometime the installation work , sometime not with a message that the driver is not signed .
i use signtool to verify the driver signature , and on these not working PCs there is a message :
SignTool Error The signing certificate is not valid for the requested usage.
the section "Cross Certificate Chain" is missing
here is the dumping of signtool on not working PCs :
Verifying: ndisbia.sys
Signature Index: 0 (Primary Signature)
Hash of file (sha256): 14F1541B82231E0967E9128466670016AAD22EBD6FBA0113221D4DF284AC0117
Signing Certificate Chain:
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Thu Jul 17 00:59:59 2036
SHA1 hash: 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Issued to: Symantec Class 3 SHA256 Code Signing CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Sun Dec 10 00:59:59 2023
SHA1 hash: 007790F6561DAD89B0BCD85585762495E358F8A5
Issued to: BIA
Issued by: Symantec Class 3 SHA256 Code Signing CA
Expires: Sat Jun 29 00:59:59 2019
SHA1 hash: 24FA8317099B7354584D82AC613CD335766B878F
The signature is timestamped: Thu Jan 11 11:48:48 2018
Timestamp Verified by:
Issued to: VeriSign Universal Root Certification Authority
Issued by: VeriSign Universal Root Certification Authority
Expires: Wed Dec 02 00:59:59 2037
SHA1 hash: 3679CA35668772304D30A5FB873B0FA77BB70D54
Issued to: Symantec SHA256 TimeStamping CA
Issued by: VeriSign Universal Root Certification Authority
Expires: Sun Jan 12 00:59:59 2031
SHA1 hash: 6FC9EDB5E00AB64151C1CDFCAC74AD2C7B7E3BE4
Issued to: Symantec SHA256 TimeStamping Signer - G2
Issued by: Symantec SHA256 TimeStamping CA
Expires: Sun Apr 02 00:59:59 2028
SHA1 hash: 625AEC3AE4EDA1D169C4EE909E85B3BBC61076D3
SignTool Error The signing certificate is not valid for the requested usage.
Number of files successfully Verified: 0
Number of warnings: 0
Number of errors: 1
On Working PCs :
Verifying: ndisbia.sys
Signature Index: 0 (Primary Signature)
Hash of file (sha256): 14F1541B82231E0967E9128466670016AAD22EBD6FBA0113221D4DF284AC0117
Signing Certificate Chain:
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Thu Jul 17 00:59:59 2036
SHA1 hash: 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Issued to: Symantec Class 3 SHA256 Code Signing CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Sun Dec 10 00:59:59 2023
SHA1 hash: 007790F6561DAD89B0BCD85585762495E358F8A5
Issued to: BIA
Issued by: Symantec Class 3 SHA256 Code Signing CA
Expires: Sat Jun 29 00:59:59 2019
SHA1 hash: 24FA8317099B7354584D82AC613CD335766B878F
The signature is timestamped: Thu Jan 11 11:48:48 2018
Timestamp Verified by:
Issued to: VeriSign Universal Root Certification Authority
Issued by: VeriSign Universal Root Certification Authority
Expires: Wed Dec 02 00:59:59 2037
SHA1 hash: 3679CA35668772304D30A5FB873B0FA77BB70D54
Issued to: Symantec SHA256 TimeStamping CA
Issued by: VeriSign Universal Root Certification Authority
Expires: Sun Jan 12 00:59:59 2031
SHA1 hash: 6FC9EDB5E00AB64151C1CDFCAC74AD2C7B7E3BE4
Issued to: Symantec SHA256 TimeStamping Signer - G2
Issued by: Symantec SHA256 TimeStamping CA
Expires: Sun Apr 02 00:59:59 2028
SHA1 hash: 625AEC3AE4EDA1D169C4EE909E85B3BBC61076D3
Cross Certificate Chain:
Issued to: Microsoft Code Verification Root
Issued by: Microsoft Code Verification Root
Expires: Sat Nov 01 14:54:03 2025
SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: Microsoft Code Verification Root
Expires: Mon Feb 22 20:35:17 2021
SHA1 hash: 57534CCC33914C41F70E2CBB2103A1DB18817D8B
Issued to: Symantec Class 3 SHA256 Code Signing CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Sun Dec 10 00:59:59 2023
SHA1 hash: 007790F6561DAD89B0BCD85585762495E358F8A5
Issued to: BIA
Issued by: Symantec Class 3 SHA256 Code Signing CA
Expires: Sat Jun 29 00:59:59 2019
SHA1 hash: 24FA8317099B7354584D82AC613CD335766B878F
Successfully verified: ndisbia.sys
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
thanks
Karim
Stouri
Continue reading...
I am using a network protocol driver since a long time
we have now some problems to install this driver on some new PCs with Windows 10
sometime the installation work , sometime not with a message that the driver is not signed .
i use signtool to verify the driver signature , and on these not working PCs there is a message :
SignTool Error The signing certificate is not valid for the requested usage.
the section "Cross Certificate Chain" is missing
here is the dumping of signtool on not working PCs :
Verifying: ndisbia.sys
Signature Index: 0 (Primary Signature)
Hash of file (sha256): 14F1541B82231E0967E9128466670016AAD22EBD6FBA0113221D4DF284AC0117
Signing Certificate Chain:
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Thu Jul 17 00:59:59 2036
SHA1 hash: 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Issued to: Symantec Class 3 SHA256 Code Signing CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Sun Dec 10 00:59:59 2023
SHA1 hash: 007790F6561DAD89B0BCD85585762495E358F8A5
Issued to: BIA
Issued by: Symantec Class 3 SHA256 Code Signing CA
Expires: Sat Jun 29 00:59:59 2019
SHA1 hash: 24FA8317099B7354584D82AC613CD335766B878F
The signature is timestamped: Thu Jan 11 11:48:48 2018
Timestamp Verified by:
Issued to: VeriSign Universal Root Certification Authority
Issued by: VeriSign Universal Root Certification Authority
Expires: Wed Dec 02 00:59:59 2037
SHA1 hash: 3679CA35668772304D30A5FB873B0FA77BB70D54
Issued to: Symantec SHA256 TimeStamping CA
Issued by: VeriSign Universal Root Certification Authority
Expires: Sun Jan 12 00:59:59 2031
SHA1 hash: 6FC9EDB5E00AB64151C1CDFCAC74AD2C7B7E3BE4
Issued to: Symantec SHA256 TimeStamping Signer - G2
Issued by: Symantec SHA256 TimeStamping CA
Expires: Sun Apr 02 00:59:59 2028
SHA1 hash: 625AEC3AE4EDA1D169C4EE909E85B3BBC61076D3
SignTool Error The signing certificate is not valid for the requested usage.
Number of files successfully Verified: 0
Number of warnings: 0
Number of errors: 1
On Working PCs :
Verifying: ndisbia.sys
Signature Index: 0 (Primary Signature)
Hash of file (sha256): 14F1541B82231E0967E9128466670016AAD22EBD6FBA0113221D4DF284AC0117
Signing Certificate Chain:
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Thu Jul 17 00:59:59 2036
SHA1 hash: 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Issued to: Symantec Class 3 SHA256 Code Signing CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Sun Dec 10 00:59:59 2023
SHA1 hash: 007790F6561DAD89B0BCD85585762495E358F8A5
Issued to: BIA
Issued by: Symantec Class 3 SHA256 Code Signing CA
Expires: Sat Jun 29 00:59:59 2019
SHA1 hash: 24FA8317099B7354584D82AC613CD335766B878F
The signature is timestamped: Thu Jan 11 11:48:48 2018
Timestamp Verified by:
Issued to: VeriSign Universal Root Certification Authority
Issued by: VeriSign Universal Root Certification Authority
Expires: Wed Dec 02 00:59:59 2037
SHA1 hash: 3679CA35668772304D30A5FB873B0FA77BB70D54
Issued to: Symantec SHA256 TimeStamping CA
Issued by: VeriSign Universal Root Certification Authority
Expires: Sun Jan 12 00:59:59 2031
SHA1 hash: 6FC9EDB5E00AB64151C1CDFCAC74AD2C7B7E3BE4
Issued to: Symantec SHA256 TimeStamping Signer - G2
Issued by: Symantec SHA256 TimeStamping CA
Expires: Sun Apr 02 00:59:59 2028
SHA1 hash: 625AEC3AE4EDA1D169C4EE909E85B3BBC61076D3
Cross Certificate Chain:
Issued to: Microsoft Code Verification Root
Issued by: Microsoft Code Verification Root
Expires: Sat Nov 01 14:54:03 2025
SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: Microsoft Code Verification Root
Expires: Mon Feb 22 20:35:17 2021
SHA1 hash: 57534CCC33914C41F70E2CBB2103A1DB18817D8B
Issued to: Symantec Class 3 SHA256 Code Signing CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Sun Dec 10 00:59:59 2023
SHA1 hash: 007790F6561DAD89B0BCD85585762495E358F8A5
Issued to: BIA
Issued by: Symantec Class 3 SHA256 Code Signing CA
Expires: Sat Jun 29 00:59:59 2019
SHA1 hash: 24FA8317099B7354584D82AC613CD335766B878F
Successfully verified: ndisbia.sys
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
thanks
Karim
Stouri
Continue reading...