@ e.v.o:
Thanks for the script, but it didn’t work for me.
Which es the exact command to execute the script?
You have to put the file into a .zip or .rar archive. Other extensions are not accepted by the Forum software.
Put the script inside the Folder where "Driver Signature Certificate.cer" is.
Fire up a Admin PowerShell.
cd into the folder.
If you can’t execute the script: Set-ExecutionPolicy Unrestricted
Execute the script: .\Import-CertToRoot.ps1 (just type "im" and press tab)
Does it work now? If not: Whats the error message?
Thanks for the additional advices.
Obviously yes.
This is what I got:
My previous problems were mainly caused by the folder names within the path to the driver (the powershell doesn’t accept "&").
@ F5BJR:
Welcome at Win-RAID Forum and thanks for the .bat file for an easy import of the Win-RAID CA driver signature certificate.
Regards
Dieter (alias Fernando)
I played a litle bit arround and finally, I got this Script:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
echo off &TITLE Win-RAID CA.cer install script
:WELCOME
cls
echo.
echo This will install the "Win-RAID CA.cer" as Trusted Root and Trusted Publisher Certificate.
echo.
set /P "START=Continue? (y/n): "
if '%START%' equ 'y' goto WORK
if '%START%' equ 'n' goto :eof
goto WELCOME
:WORK
if not exist "%SYSTEMROOT%\System32\certutil.exe" goto CERTUTIL_NOT_FOUND
set "CA=%tmp%\Win-RAID CA.cer"
cls
echo ***************************************************************************
echo Creating 'Win-RAID CA.cer'
echo ***************************************************************************
echo.
:: extract certificat informations into tmp file
echo -----BEGIN CERTIFICATE----- > "%CA%.txt"
echo MIIGhzCCBG+gAwIBAgIQ5/ExbCzfI71GlXVExEmkNDANBgkqhkiG9w0BAQsFADCB>> "%CA%.txt"
echo lTElMCMGCSqGSIb3DQEJARYWZmVybmFuZG8udW5vQGdtYWlsLmNvbTELMAkGA1UE>> "%CA%.txt"
echo BhMCREUxCzAJBgNVBAgTAk5JMQ4wDAYDVQQHEwVKZXZlcjEZMBcGA1UEChMQd3d3>> "%CA%.txt"
echo Lndpbi1yYWlkLmNvbTERMA8GA1UECxMIRmVybmFuZG8xFDASBgNVBAMTC1dpbi1S>> "%CA%.txt"
echo QUlEIENBMB4XDTE1MTAyNTE4NTMyMloXDTM5MTIzMTIzNTk1OVowgZUxJTAjBgkq>> "%CA%.txt"
echo hkiG9w0BCQEWFmZlcm5hbmRvLnVub0BnbWFpbC5jb20xCzAJBgNVBAYTAkRFMQsw>> "%CA%.txt"
echo CQYDVQQIEwJOSTEOMAwGA1UEBxMFSmV2ZXIxGTAXBgNVBAoTEHd3dy53aW4tcmFp>> "%CA%.txt"
echo ZC5jb20xETAPBgNVBAsTCEZlcm5hbmRvMRQwEgYDVQQDEwtXaW4tUkFJRCBDQTCC>> "%CA%.txt"
echo AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANnjNZ0a7ultPdOGQOaEcd2h>> "%CA%.txt"
echo UImcX0685LMsVWei9gk3rpmLy2Sl7BxqeufC5EogXD9LZ1z4WE6Tw3NBUhgt0XrP>> "%CA%.txt"
echo ZWyfCNCUSfcvcV1dVux53LI+ySyUp2AcavHY8sbdhn7/jwHdkgTd3/xE+cn+U+2a>> "%CA%.txt"
echo 7X6Y0zQU7Sy8Up75ls7kq+rp61XfmntWIsGrtJbs09Bt3CYVo7SA57jHDJNGkuSV>> "%CA%.txt"
echo UwDNgUycuRiZT8qnarph0D3RamCpHYyEPnX87t0nRFbdRFMjI5JhBYuD/UE+2PXi>> "%CA%.txt"
echo 4+f2epX52VlpgqZn650kcTEmdl2sS+itxjQZpg1phRLrvYJHjShhNXYJZrq+WU1R>> "%CA%.txt"
echo ZdGOhH0cLz3yoAzW0JKwhOy8HgAjU1EkLcRYLtG6jl46BB6mEM8GXQXdogi9b+ul>> "%CA%.txt"
echo 6J1Pu6v7DvXY+CyJTHTX797DBdcSL/VWH9sA9cZ/ogLwu65BpD/m5ZhjpovX0AS4>> "%CA%.txt"
echo cI74ChYV0lXUhvWQ1KX5hBI4pPFjPZY+j3X5oagg7ERk2XVYdUBkwO8YAnF9O2lI>> "%CA%.txt"
echo s3r0KpZBTp5lvK+EdTp51VlK7LbMQQwwGMDOBGH6JHru7FR6f45a/1nKhcoNU689>> "%CA%.txt"
echo 0EQ9U/1vnOdiU3NVJC+DqtO9b1zvpDlwQUq075a4YizUQA4yj27biJH5dOERipGM>> "%CA%.txt"
echo s8BYrAZSh8m0Om/+/UmhAgMBAAGjgdAwgc0wgcoGA1UdAQSBwjCBv4AQ1POGTxms>> "%CA%.txt"
echo M91sp2WJs2oeOqGBmDCBlTElMCMGCSqGSIb3DQEJARYWZmVybmFuZG8udW5vQGdt>> "%CA%.txt"
echo YWlsLmNvbTELMAkGA1UEBhMCREUxCzAJBgNVBAgTAk5JMQ4wDAYDVQQHEwVKZXZl>> "%CA%.txt"
echo cjEZMBcGA1UEChMQd3d3Lndpbi1yYWlkLmNvbTERMA8GA1UECxMIRmVybmFuZG8x>> "%CA%.txt"
echo FDASBgNVBAMTC1dpbi1SQUlEIENBghDn8TFsLN8jvUaVdUTESaQ0MA0GCSqGSIb3>> "%CA%.txt"
echo DQEBCwUAA4ICAQDHTjgYnmRoQazjtYUXvlVzMDQ+81PN+Wfxe6HYJC2gUGJMFaeJ>> "%CA%.txt"
echo 43kkZPDgy7FAhmqxGTciUK42qRmYmE9cRtvBx/PI+VmtmNAhu3xaJHdFDZsyz6Ac>> "%CA%.txt"
echo 3j/3+HuA63MhXjEeO+XRBplYtg0xDJh8L7jFqLtMSUpET7mRA2i5ltOOv7eOrZcJ>> "%CA%.txt"
echo KGJHLqeGBlQOUyp2XVRO3Atg8H5E9Lr94VCAsN9eMyKkzI//iJLQm89FokjS9Qeo>> "%CA%.txt"
echo bDivRVZKqbcXx0RVSczmU/zAiVk87GEToJQyaKjp9KtOLyGNlEyb1WBb9CZUopaU>> "%CA%.txt"
echo H9b5qYmNJXR8lcmO2aGP61ssp1mQxWi+l9Ru8TKu32uGIazU34X3J8MUapkONLIj>> "%CA%.txt"
echo zboPzituAXyNQ0I6EHhw+RuAWpKhHSTpCzoONS38OJckhHtQImcMB75WUuxZO6LQ>> "%CA%.txt"
echo 1r2L6FrNAnHONSDPsOrYlowlE3qv6rCsKCgYKJEho8OlumLyUer6OYF/ujvmBnxy>> "%CA%.txt"
echo MMIjb8E9leWSexhIa4MipFWJ6JEoF/3TSg5uvUSBmwnVtC4rpuJyLIzIAAIA7I2W>> "%CA%.txt"
echo mkFzt1d8bScgw0aZmgFylOlfs6UG8wFByDqOxrIMMqgs0Uia06wzIWqXhU4UnaII>> "%CA%.txt"
echo 45UIXDc15FPanGjxbrP67bV92l7vpLzsyzxccVnADB6fK/F/EGByZiUAXA== >> "%CA%.txt"
echo -----END CERTIFICATE----- >> "%CA%.txt"
:: create Win-RAID CA.cer and delete tmp file
call %SYSTEMROOT%\System32\certutil.exe -decode "%CA%.txt" "%CA%"
call del /F "%CA%.txt"
echo. &echo.
echo ***************************************************************************
echo Installing 'Win-RAID CA.cer' as Trusted Root Certificate
echo ***************************************************************************
echo.
call %SYSTEMROOT%\System32\certutil.exe -f -addstore "Root" "%CA%"
echo. &echo.
echo ***************************************************************************
echo Installing 'Win-RAID CA.cer' as Trusted Publisher Certificate
echo ***************************************************************************
echo.
call %SYSTEMROOT%\System32\certutil.exe -f -addstore "TrustedPublisher" "%CA%"
echo. &echo.
@pause
call del /f "%CA%"
goto :eof
:CERTUTIL_NOT_FOUND
cls
echo.
echo Failure: Windows tool "Certutil.exe" not found.
echo Certificate couldn't be installed.
echo.
@pause
To be clear, I never had the original *.cer file. I downloaded one of Fernando's mod drivers and extraced the *.cer informations via Windows GUI. By using "certutil -encode File.cer" I got the text information presentet in the script above. The installation is done the reverse way by using the -decode switch to create the Win-RAID CA.cer file in windows temp directory. After this step, the certificat is installed via -addstore switch to trusted root and trusted publisher repository. With this skript, you do not need to deliver a seperate *.cer file as the script is allready containing it.
Maybe someone has some use for it. Have a nice Day. :-)
Edit 1: Forgot @pause after error message
Edit 2: Script file for download Attached
Edit 3: Corrected missing colon in goto instruction
Edit 4: Script is now using the new SHA256 "Win-RAID CA.cer"
Import Win-RAID CA.zip (2.29 KB)
@ Zwulf:
Welcome at Win-RAID Forum and big thanks to you for the script, which will make the use of my "mod+signed drivers" much easier.
@ all:
It would be fine, if anyone would test the script and report here, whether it works or not.
Greetings from Germany
Dieter (alias Fernando)
@ F5BJR:
Thank you very much for having posted a tip how to make it easier to import the Digital Signature of a signed driver onto another computer or after a fresh OS installation.
Meanwhile you obviously have found a solution yourself - congratulations!
Question:
What do you mean with "self-signed driver"? Have you signed it yourself or do you mean a driver, which has been modded and signed by me?
@ F5BJR:
Since I never have tried to modify the driver date and version within the related .INF file, I don’t know the exact reason for your troubles. Nevertheless I am pretty sure, that the OS hardware detection compares the date and version code of the .SYS file with the date and version data, which are written into the .INF file.
If you were right, you wouldn’t get any problem with the installation of your self-modded drivers.
I see a picture showing the content of your USB Flash drive. Which encouraging result did you get?
@ all:
Today have cleaned and renamed this thread, which previously was titled “Digital Signature for Modded Drivers” and had been started in April 2015 by our Forum member mrces2.
These were the reasons:
- The former start post (mrces2’s guide) and the later published script (written by the Forum member e.v.o) about how to create a digital “Win-RAID CA” signature for modded drivers, have been primarily designed for me and not for the public. Neither mrces2 nor e.v.o were and are interested in helping any visitors of this Forum to sign their own modded drivers with a “Win-RAID CA” certificate.
Since I am meanwhile able to digitally sign the drivers, which had been modded by me, there is no need for the related guides and scripts within this thread anymore. - Much more important for our Forum visitors is a guide about how to import the digital “Win-RAID CA” signature. Now I can put such guide into the start post of this thread and there is no need to post the related guide into all threads, where I am offering such drivers.
By the way: I have asked mrces2 and he agreed with the “cleanup” of this thread.
Please where to download Win-RAID CA?
@georgetoy :
Welcome at Win-RAID Forum!
Win-RAID CA is a Company and cannot be downloaded.
If you should mean the Win-RAID CA Certificate, it is within all mod+signed driverpacks, which I am offering within this Forum.
Regards
Dieter (alias Fernando)
OK, but I do not see download
You cannot download the Certificate file named Win-RAID CA.cer separately. It is within the "Win-RAID CA Certificate" subfolder of all my mod+signed driverpacks and has to be imported by executing the script file named ImportCertificate.cmd.
Unfortunately, I have to capitulate 
Why that?
What do you want to do resp. what are you searching for? Did you read the start post of this thread?