资源-WHQL申请及数字证书资料  

支持Vista内核模式代码签名(Vista Kernel Mode Code Signing)的数字证书有哪些?

Root Authority Cross-Certificate List Root Authority Cross-Certificate List
Baltimore CyberTrust Root Baltimore CyberTrust Root
Equifax Secure Certificate Authority Equifax Secure Certificate Authority
GTE CyberTrust Global Root GTE CyberTrust Global Root
GlobalSign Root CA GlobalSign Root CA
GeoTrust Global CA GeoTrust Global CA
VeriSign Class 3 Public Primary Certification Authority VeriSign Class 3 Public Primary Certification Authority

 

A cross-certificate is a certificate issued by one Certificate Authority (CA) that signs the public key for the root certificate of another Certificate Authority. Cross-certificates provide a means to create a chain of trust from a single, trusted, root CA to multiple other CAs.

In Windows Vista, cross-certificates:

 

Allow the operating system kernel to have a single trusted Microsoft root authority.

 

Extend the chain of trust to multiple commercial CAs that issue Software Publisher Certificates, which are used for code-signing software for distribution, installation, and loading on Windows.

The cross-certificates provided here are used with the Windows Driver Kit (WDK) code-signing tools for properly signing kernel-mode software. Digitally signing kernel-mode software is similar to code-signing any software published for Windows. Cross-certificates are added to the digital signature by the developer or software publisher when signing the kernel-mode software. The cross-certificate itself is added by the code-signing tools to the digital signature of the binary file or catalog.

Notes:

 

For x64 editions of Windows Vista, all kernel-mode code must be digitally signed.

 

You do not need to distribute the cross-certificate as a separate file in software distribution packages that contain signed kernel-mode code.

 

Root Authority Cross-Certificate List

Microsoft provides a specific cross-certificate for each Certificate Authority that issues code-signing certificates for code-signing kernel-mode code. This list shows the correct cross-certificate for the root authority that issued your Software Publisher Certificate. Follow the steps above to identify your Certificate Authority, and then download the related cross-certificate.

Baltimore CyberTrust Root

Issuer identification in Certification properties:
CN = Baltimore CyberTrust Root
OU = CyberTrust
O = Baltimore
C = IE

Valid to: Monday, May 12, 2025 4:59:00 PM

Root certificate thumbprint:
d4 de 20 d0 5e 66 fc 53 fe 1a 50 88 2c 78 db 28 52 ca e4 74

Cross-certificate thumbprint:
06 af 96 ac 6c 4a b4 76 aa e9 15 06 d3 7c 2b 1b 48 88 97 e9

?Download cross-certificate for Baltimore CyberTrust Root
(Certificate file in a 37 KB self-extracting zip file)

Equifax Secure Certificate Authority

Issuer identification in Certification properties:
OU = Equifax Secure Certificate Authority
O = Equifax
C = US

Valid to: Wednesday, August 22, 2018 9:41:51 AM

Root certificate thumbprint:
d2 32 09 ad 23 d3 14 23 21 74 e4 0d 7f 9d 62 13 97 86 63 3a

Cross-certificate thumbprint:
35 0d 68 90 31 00 98 3f 80 4d b2 65 f9 a5 e2 45 d9 c5 92 28

?Download cross-certificate for Equifax Secure Certificate Authority
(Certificate file in a 37 KB self-extracting zip file)

GTE CyberTrust Global Root

Issuer identification in Certification properties:
CN = GTE CyberTrust Global Root
OU = GTE CyberTrust Solutions, Inc.
O = GTE Corporation
C = US

Valid to: Monday, August 13, 2018 4:59:00 PM

Root certificate thumbprint:
97 81 79 50 d8 1c 96 70 cc 34 d8 09 cf 79 44 31 36 7e f4 74

Cross-certificate thumbprint:
d5 59 75 25 e4 fb 50 61 93 e0 95 a8 91 ee 88 f6 aa d1 10 f9

?Download cross-certificate for GTE CyberTrust Global Root
(Certificate file in a 37 KB self-extracting zip file)

GlobalSign Root CA

Issuer identification in Certification properties:
CN = GlobalSign Root CA
OU = Root CA
O = GlobalSign nv-sa
C = BE

Valid to: Tuesday, January 28, 2014 5:00:00 AM

Root certificate thumbprint:
2f 17 3f 7d e9 96 67 af a5 7a f8 0a a2 d1 b1 2f ac 83 03 38

Cross-certificate thumbprint:
3e eb 27 50 a1 99 f5 e7 b6 a8 95 24 30 be 50 62 fe 04 e9 e5

?Download cross-certificate for GlobalSign Root CA
(Certificate file in a 37 KB self-extracting zip file)

GeoTrust Global CA

Issuer identification in Certification properties:
CN = GeoTrust Global CA
O = GeoTrust Inc.
C = US

Valid to: Friday, May 20, 2022 9:00:00 PM

Root certificate thumbprint:
de 28 f4 a4 ff e5 b9 2f a3 c5 03 d1 a3 49 a7 f9 96 2a 82 12

Cross-certificate thumbprint:
a0 65 5e bd 95 c2 26 f3 e3 bf 06 42 95 cb 5c 94 cb 1d 3b 16

?Download cross-certificate for GeoTrust Global CA
(Certificate file in a 37 KB self-extracting zip file)

VeriSign Class 3 Public Primary Certification Authority

Issuer identification in Certification properties:
OU = Class 3 Public Primary Certification Authority
O = VeriSign, Inc.
C = US

Valid to: Tuesday, August 01, 2028 4:59:59 PM

Root certificate thumbprint:
74 2c 31 92 e6 07 e4 24 eb 45 49 54 2b e1 bb c5 3e 61 74 e2

Cross-certificate thumbprint:
58 45 53 89 cf 1d 0c d6 a0 8e 3c e2 16 f6 5a df f7 a8 64 08

?Download cross-certificate for VeriSign Class 3 Public Primary Certification Authority
(Certificate file in a 37 KB self-extracting zip file)