0

another new question. I have an Authenticode certificate and a driver. That driver is a kernel-mode driver, so I need to sign it using kernel-mode code signing. But my certificate is normal code signing and I think I can't use that with my kernel-mode driver. Anyone can answer?

Improve this question

1 Answer 1

Reset to default
2

The distinguishing feature of "kernel-mode code signing" certificates is the 2.23.140.1.4.1 policy OID listed under "Certificate policies". Because this is part of the certificate's (meta)data, and not just a different file format, you cannot add it to an existing certificate by hand (doing so would invalidate the CA signature); instead it needs to be added by the CA when the certificate is being issued.

Improve this answer
1
  • So I need to send a re-issue request?
    – Wolf20482
    Commented May 28, 2019 at 0:12

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .