Anatoly Greenblatt wrote: > Hi Stan, > > I think you missed Verisign's cross-certificate: MSCV-VSClass3.cer. > > for %%f in ( *.sys ) do ( > signtool sign /v /ac MSCV-VSClass3.cer /n "Voltaire" %TS% > %%f
Yes, in order for kernel mode drivers to install, the trust chain needs to terminate @ Microsoft. Thank you. Stan. > > Regards, > Anatoly. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Smith, Stan > Sent: Saturday, September 06, 2008 03:23 > To: [email protected] > Subject: [ofw] Failing Server 2008/Vista mthca.sys driver install > > Hi, > Does this error condition make sense to anyone? The driver .sys > files verifies with the .cat file. Installer thinks everything is OK. > Deep down in the basement of Event viewer->code integrity I find the > following. > Any clues to the real error here; seen this before? > > Thanks, > > Stan. > > PS: Server 2003 & XP install the drivers just fine. > > > Log Name: Microsoft-Windows-CodeIntegrity/Operational > Source: Microsoft-Windows-CodeIntegrity > Date: 9/5/2008 2:20:57 PM > Event ID: 3004 > Task Category: (1) > Level: Error > Keywords: > User: SYSTEM > Computer: CN07 > Description: > Windows is unable to verify the image integrity of the file > \Device\HarddiskVolume1\Windows\System32\drivers\mthca.sys > because file hash could not be found on the system. A recent hardware > or software change > might have installed a file that is signed incorrectly or damaged, or > that might be > malicious software from an unknown source. > Event Xml: > <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event";> > <System> > <Provider Name="Microsoft-Windows-CodeIntegrity" > Guid="{4ee76bd8-3cf4-44a0-a0ac-3937643e37a3}" /> > <EventID>3004</EventID> > <Version>0</Version> > <Level>2</Level> > <Task>1</Task> > <Opcode>104</Opcode> > <Keywords>0x8000000000000000</Keywords> > <TimeCreated SystemTime="2008-09-05T21:20:57.125Z" /> > <EventRecordID>44</EventRecordID> > <Correlation /> > <Execution ProcessID="4" ThreadID="72" /> > <Channel>Microsoft-Windows-CodeIntegrity/Operational</Channel> > <Computer>CN07</Computer> > <Security UserID="S-1-5-18" /> > </System> > <EventData> > <Data Name="FileNameLength">58</Data> > <Data > Name="FileNameBuffer">\Device\HarddiskVolume1\Windows\System32\drivers\m > thca.sys</Data> > </EventData> > </Event> > > How mthca.cat was signed. > > Cross cert generation: .pvk + .spc + password --> > WinOF_Software_Pub.pfx > > .pfx file added to the Personal certificate store of the local > computer that signs the driver. > > %CD%=wlh\bin\bin\HCA - amd64 contains all files referenced by > mthca.inf for x64 install > > inf2cat /driver:%CD%\amd64 /os:Server2008_X64,Vista_X64 > > set TS=/t http://timestamp.verisign.com/scripts/timstamp.dll > > signtool sign /a /f WinOF_Software_Pub.pfx /p xxx %TS% mthca.cat > > signtool verify /kp /v /c mthca.cat mthca.sys > > Verifying: mthca.sys > File is signed in catalog: mthca.cat > Signing Certificate Chain: > Issued to: Class 3 Public Primary Certification Authority > Issued by: Class 3 Public Primary Certification Authority > Expires: 8/1/2028 4:59:59 PM > SHA1 hash: 742C3192E607E424EB4549542BE1BBC53E6174E2 > > Issued to: VeriSign Class 3 Code Signing 2004 CA > Issued by: Class 3 Public Primary Certification Authority > Expires: 7/15/2014 4:59:59 PM > SHA1 hash: 197A4AEBDB25F0170079BB8C73CB2D655E0018A4 > > Issued to: OpenFabrics Alliance > Issued by: VeriSign Class 3 Code Signing 2004 CA > Expires: 8/20/2009 4:59:59 PM > SHA1 hash: 50AEA9397BD672F24FE4B15CF6461FED5E8EA270 > > The signature is timestamped: 9/5/2008 11:07:04 AM > Timestamp Verified by: > Issued to: Thawte Timestamping CA > Issued by: Thawte Timestamping CA > Expires: 12/31/2020 4:59:59 PM > SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656 > > Issued to: VeriSign Time Stamping Services CA > Issued by: Thawte Timestamping CA > Expires: 12/3/2013 4:59:59 PM > SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D > > Issued to: VeriSign Time Stamping Services Signer - G2 > Issued by: VeriSign Time Stamping Services CA > Expires: 6/14/2012 4:59:59 PM > SHA1 hash: ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE > > Successfully verified: mthca.sys > > Number of files successfully Verified: 1 > Number of warnings: 0 > Number of errors: 0 > _______________________________________________ > ofw mailing list > [email protected] > http://lists.openfabrics.org/cgi-bin/mailman/listinfo/ofw _______________________________________________ ofw mailing list [email protected] http://lists.openfabrics.org/cgi-bin/mailman/listinfo/ofw
