[wix-users] Windows can't verify the publisher of this driver software

Phill Hogland phill.hogland at rimage.com
Tue Sep 6 06:57:34 PDT 2016 

>> Even if we
click "Install Driver Anyway", it does not get moved to system32\drivers
and is not loaded (when checking via fltmc). We tried rebooting Windows
into "Disable driver signing enforcement" mode and received the same error.


These comments indicate that the problem is at the Window's class installer level and probably not related to your WiX authoring.  But the proof is in the pudding (i.e  your SetupAPI log).  Enable verbose logging for your SetupAPI logs and study them to narrow down the problem.

https://msdn.microsoft.com/en-us/windows/hardware/drivers/install/setting-setupapi-logging-levels


It could be related to the driver signing certificate as another poster suggested but check to see how your driver is being ranked.  If the driver is not WHQL signed, but has been signed by a private certificate (even if based on a public third-party root certificate) then that certificate must be imported into both the Trusted Root and Trusted Publisher stores of the LocalMachine store (not the personal store)

https://technet.microsoft.com/en-us/library/dd919238(v=ws.10).aspx


If a higher ranked driver is already installed, then it won't matter until that driver is removed.  But I hope you are doing this testing on a clan VM which you can reset after each try until you get the basic install/ remove of your deployment process worked out.


After evaluating the setupAPI log and determining what the real problem is, if you need to install a certificate in your setup, then look at Certificate in the WixIisExtenstion for assistance with that detail.


One other detail that I have run into is that if you are using the DifxAppExtension, then your Product/@Manufacture needs to match the Manufacture as defined in the driver's INF file, at least that has been my observation.

________________________________
From: wix-users <wix-users-bounces at lists.wixtoolset.org> on behalf of Naval Prakash <naval.prakash at gmail.com>
Sent: Tuesday, September 6, 2016 8:33:29 AM
To: WiX Toolset Users Mailing List
Subject: Re: [wix-users] Windows can't verify the publisher of this driver software

did you use 3rd party code signing certificate ? if so, then you would need
to create a catalog file and sign it besides signing th edriver component.
Also, you would need to add the certificate in the trusted publisher
certificate store of the target machine. ( where installation is taking
place).

On Tue, Sep 6, 2016 at 6:41 PM, Brett Cunningham <brettcu at gmail.com> wrote:

> I have a driver that seems to be properly signed. After compiling the WiX
> source and performing the MSI installation, we get a pop-up that says
> "Windows Can'tVerify the Publisher of this Driver Software". Even if we
> click "Install Driver Anyway", it does not get moved to system32\drivers
> and is not loaded (when checking via fltmc). We tried rebooting Windows
> into "Disable driver signing enforcement" mode and received the same error.
>
> Below is our WiX script. Scanner.sys is the file we are having issues
> with. Thank you in advance for any help!
>
> <?xml version='1.0' encoding='windows-1252'?>
>
> <?if $(sys.BUILDARCH) = x64 ?>
>   <?define ProductUpgradeCode = "EE25F08C-3599-A764-8AB6-0E40889481B4" ?>
>   <?define Win64 = "yes" ?>
>   <?define PlatformSystemFolder = "System64Folder" ?>
>   <?define PlatformProgramFilesFolder = "ProgramFiles64Folder" ?>
>   <?define Folder="64"?>
> <?else ?>
>   <?define ProductUpgradeCode = "E7E6A731-1D12-5823-4153-D5100B0E64CB" ?>
>   <?define Win64 = "no" ?>
>   <?define PlatformSystemFolder = "SystemFolder" ?>
>   <?define PlatformProgramFilesFolder = "ProgramFilesFolder" ?>
>   <?define Folder="32"?>
> <?endif ?>
>
> <Wix xmlns='http://schemas.microsoft.com/wix/2006/wi'
>      xmlns:difx='http://schemas.microsoft.com/wix/DifxAppExtension'>
>   <Product Name='Hipara' Id='*'
> UpgradeCode='EE9DED37-5F61-4EBF-A81D-A39EC89D383C'
>     Language='1033' Codepage='1252' Version='1.0.2' Manufacturer='Allsum
> LLC'>
>
>     <Package Id='*' Keywords='Installer'
>       Description="Allsum's Hipara Installer"
>       Comments='Hipara is a registered trademark of Allsum LLC'
> Manufacturer='Allsum LLC'
>       InstallerVersion='200' Languages='1033' Compressed='yes'
> SummaryCodepage='1252'
>       Platform='x64'/>
>
>     <MajorUpgrade DowngradeErrorMessage="A later version of [ProductName]
> is already installed. Setup will now exit."/>
>
>     <Media Id='1' Cabinet='Sample.cab' EmbedCab='yes' DiskPrompt="Hipara
> Media" CompressionLevel="high" />
>     <Property Id='DiskPrompt' Value="Allsum's Hipara Installation" />
>
>     <Directory Id='TARGETDIR' Name='SourceDir'>
>       <Directory Id='ProgramFiles64Folder' Name='PFiles'>
>         <Directory Id='MANF' Name='Allsum'>
>           <Directory Id='INSTALLDIR' Name='Hipara'>
>
>             <Directory Id='MEMSCAN' Name='memscan'>
>               <Component Id='MemINF' Win64='yes'>
>                 <File Id='MemInf' Source='hiparamemscan.inf' KeyPath='yes'
> />
>               </Component>
>
>               <Component Id='MemSYS' Win64='yes'>
>                 <File Id='MemSYS' Source='hiparamemscan.sys' KeyPath='yes'
> />
>               </Component>
>             </Directory>
>
>             <Directory Id='SIGSDIR' Name='signatures'>
>               <Component Id='DefaultSignatures' Win64='yes'>
>                 <File Id='DefaultSignatures' Source='signatures.yar'
> KeyPath='yes' />
>               </Component>
>             </Directory>
>
>           </Directory>
>         </Directory>
>       </Directory>
>
>       <Directory Id="ProgramMenuFolder" Name="Programs">
>         <Directory Id="ProgramMenuDir" Name="Hipara">
>           <Component Id="ProgramMenuDir">
>             <RemoveFolder Id='ProgramMenuDir' On='uninstall' />
>             <RegistryValue Root='HKCU'
> Key='Software\[Manufacturer]\[ProductName]' Type='string' Value=''
> KeyPath='yes' />
>           </Component>
>         </Directory>
>       </Directory>
>     </Directory>
>
>     <ComponentGroup Id='MyFiles' Directory='INSTALLDIR'>
>
>       <Component Id="RegistryEntries" Win64='yes'>
>         <RegistryKey Root="HKLM"
>                      Key="Software\Microsoft\Windows\CurrentVersion\Run">
>           <RegistryValue Type="string" Name="Hipara"
> Value="[INSTALLDIR]hipara.exe" KeyPath="yes"/>
>         </RegistryKey>
>       </Component>
>
>       <Component Id='ScannerDriver' Win64='yes'>
>         <File Id='ScannerSYS' Source='scanner.sys' KeyPath='yes' />
>         <File Id='ScannerINF' Source='scanner.inf' />
>         <File Id='ScannerCAT' Source='scanner.cat' />
>         <difx:Driver Legacy='no' />
>       </Component>
>
>       <Component Id='MemDLL' Win64='yes'>
>         <File Id='MemDll' Source='hiparamemscandll.dll' KeyPath='yes' />
>       </Component>
>
>       <Component Win64='yes'>
>         <File Id='HiparaEXE' Source='hipara.exe' />
>         <Shortcut Id="startmenHipara" Directory="ProgramMenuDir"
> Name="Hipara" WorkingDirectory='INSTALLDIR' Icon="hipara.exe" IconIndex="0"
> Advertise="yes" />
>       </Component>
>
>       <Component Id='msvcrLibrary' Win64='yes'>
>         <File Id='msvcrLibrary' Source='msvcr120.dll' KeyPath='yes' />
>       </Component>
>
>       <Component Id='msvcpLibrary' Win64='yes'>
>         <File Id='msvcpLibrary' Source='msvcp120.dll' KeyPath='yes' />
>       </Component>
>
>       <Component Id='mfcLibrary' Win64='yes'>
>         <File Id='mfcLibrary' Source='mfc120u.dll' KeyPath='yes' />
>       </Component>
>
>       <Component Id='config' Win64='yes'>
>         <File Id='config' Source='config.ini' KeyPath='yes' />
>       </Component>
>
>       <Component Id='Jansson' Win64='yes'>
>         <File Id='Jansson' Source='jansson64.dll' KeyPath='yes' />
>       </Component>
>
>       <Component Id='Libcurl' Win64='yes'>
>         <File Id='Libcurl' Source='libcurl.dll' KeyPath='yes' />
>       </Component>
>     </ComponentGroup>
>
>     <Feature Id='Complete' Title='Hipara' Description='The complete
> package.'
>       Display='expand' Level='1' ConfigurableDirectory='INSTALLDIR'>
>       <Feature Id='Hipara' Title='Hipara' Description='The main
> executable.' Level='1'>
>         <ComponentGroupRef Id='MyFiles' />
>         <ComponentRef Id='MemINF' />
>         <ComponentRef Id='MemSYS' />
>         <ComponentRef Id='DefaultSignatures' />
>
>         <ComponentRef Id='ProgramMenuDir' />
>         <ComponentRef Id="RegistryEntries" />
>       </Feature>
>     </Feature>
>
>     <CustomAction Id="LaunchHiparaEXE"
>               Directory="INSTALLDIR"
>               ExeCommand="[INSTALLDIR]hipara.exe"
>               Return="asyncNoWait"
>                   >
>     </CustomAction>
>
>     <InstallExecuteSequence>
>       <Custom Action="LaunchHiparaEXE" After="InstallFinalize">NOT
> Installed AND UILevel < 5</Custom>
>     </InstallExecuteSequence>
>
>
>     <Property Id="WixShellExecTarget" Value="[#HiparaEXE]" />
>     <CustomAction Id="LaunchApplication" BinaryKey="WixCA"
> DllEntry="WixShellExec" Impersonate="yes" />
>
>     <UI>
>       <UIRef Id="WixUI_Minimal" />
>       <Publish Dialog="ExitDialog"
>           Control="Finish"
>           Event="DoAction"
>           Value="LaunchApplication">NOT Installed</Publish>
>     </UI>
>
>     <Property Id="WIXUI_INSTALLDIR" Value="INSTALLDIR" />
>     <WixVariable Id="WixUILicenseRtf" Value="License.rtf" />
>     <Icon Id="hipara.exe" SourceFile="hipara.exe" />
>
>   </Product>
> </Wix>
>
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant
> http://www.firegiant.com/
>

____________________________________________________________________
WiX Toolset Users Mailing List provided by FireGiant http://www.firegiant.com/

More information about the wix-users mailing list