New
#11
Thanks!
Hmmm...that was an excellent question. I don't know, never tried it, since I don't develop drivers. Maybe I should, now that it seems the Windows BT stack could be a bit broken (or then just protocols are missing) in RS4 and there always seems to be issues with Intel and NVidia drivers.
Edit: According to MS and other sources, these certificates should be enough for self-signing drivers too.
POWERSHELL ONLY SOLUTION:
The following is a powershell-only solution which will not require the installation of extra software/tools/features (at least on Windows 10):
#Open up a Powershell window—with Admin privileges—and run the following to create the self-signed certificate and save it to the PS variable of your choice. Below, the naming distinction mycert is used. I recommend that or just copy/paste the code.
#Next, to verify the certificate was created, simply type the variable you just created.Code:$mycert = New-SelfSignedCertificate -Subject "CN=PowerShell signing example" ` -KeyAlgorithm RSA -KeyLength 2048 -Type CodeSigningCert ` -CertStoreLocation Cert:\LocalMachine\My\
#For example, the above would be $cert
#Hit enter, and the thing should print out a thumbprint to the screen.
#Now, with that outta the way, you need to move the certificate you just created the root cert store on your machine.
#To do this, run the following command (take note of the variable name; i.e. use what you used above):
#Finally, with that out of the way, you can sign your script with the following commandCode:Move-Item "Cert:\LocalMachine\My\$($mycert.Thumbprint)" Cert:\LocalMachine\Root
Code:set-AuthenticodeSignature C:\Path\To\Script\test.ps1 $mycert
Once you run that command, you should receive output on the console displaying the successful signing.
Incidentally, I had tried this route before but kept failing because I didn't move the certificate to the root cert store. Now I know.
In the end, I don't feel better about this compared to having just changed the execution-policy.
For those interested in the guide referenced for this method, please visit this link.
For those interested in the guide referenced for the first method (on page 1), click this link.
P.S. - I knew the code I used looked familiar, and I eventually wound up finding (piece by piece) the entire guide on another site.
P.P.S. - We shouldn't be required to do all of this just to get a few permanent aliases in Powershell.
That is one way to do it! :)
I have been looking into this, but I'm still not quite convinced. The descriptions on the interwebs are a bit around the bush when it comes to explaining things.
Let's work on this further.
About self-signing drivers: check in with Fernando (Dieter, the owner/operator) at Win-RAID.com. He's been doing that for years because of all the driver mods he posts on his site. Once you load his certificate, you can also load and use any of his drivers. It's a fair amount of work (with some expense for obtaining and maintaining a certificate) but it can indeed be done.
HTH,
--Ed--