Устранение ошибки «Системе Windows требуется драйвер с цифровой подписью»

Системе Windows требуется драйвер с цифровой подписью

Причина появления такого предупреждения очень проста – у системного ПО, которое вы пытаетесь установить, отсутствует зарегистрированная цифровая подпись. Суть в том, что начиная с седьмой версии Виндовс, в ОС этого семейства встроена система защиты, которая отклоняет инсталляцию драйверов без этого компонента, заверенного Microsoft. Сделано это в целях безопасности: некоторые вредоносные программы использовали такую лазейку для получения полного доступа к зараженному компьютеру. Однако разработчики предусмотрели ситуации, в которых эта функция будет только вредной, поэтому добавили возможность её отключения.

Внимание! Манипуляции, описываемые далее, при неправильном исполнении могут нанести вред вашему компьютеру, поэтому вы совершаете их на свой страх и риск!

Способ 1: ReadyDriver Plus

Самый простой метод отключения озвученной проверки заключается в использовании специальной утилиты под названием ReadyDriver Plus. Программа работает по следующему принципу: устанавливает собственные файлы в загрузочный каталог Windows, что позволяет при старте системы выбрать вариант загрузки.

1. Рассмотрим подробно наиболее важный процесс работы с приложением – его инсталляцию. Для работы ему нужно поместить свои данные в папку BOOT, о чём и предупреждает инсталлятор. В обычных условиях «Мастер по установке» самостоятельно находит этот каталог, руководствуясь системным реестром, но в случае изменения настроек директории по умолчанию её понадобится выбрать вручную. В нормальных условиях она скрыта, поэтому понадобится сделать её видимой.

Урок: Как показать скрытые файлы и папки в Windows 7
После выбора загрузочной папки инсталлятор ReadyDriver Plus предложит настроить дополнительные параметры. Как правило, здесь менять ничего не нужно, поэтому просто нажмите «Next».

Дождитесь, пока установка будет завершена. Для проверки работоспособности утилиты попробуйте перезагрузить компьютер – должен появиться экран с выбором режимов загрузки, обычным и с названием приложения. В последнем средство проверки подписи будет отключено.

Данный метод удобен, однако в некоторых специфических вариантах инсталляции «семёрки» он работает со сбоями.

Способ 2: Отключение проверки цифровой подписи

Представленная выше утилита, конечно, далеко не единственный вариант устранения рассматриваемой ошибки. Существует также множество других путей выключения сверки подписи, в том числе и чисто системными средствами. Все они перечислены в отдельном подробном руководстве, ссылку на которое приводим ниже.

Заключение

Как видим, у ошибки «Системе Windows требуется драйвер с цифровой подписью» есть только одно надёжное решение, и заключается оно в обходе установленных ограничений. При этом стоит иметь в виду, что непосредственное отключение проверки цифровой подписи может негативно сказаться на работоспособности ОС, поэтому прибегайте к этому только в самом крайнем случае.

Fix: Windows Requires a Digitally Signed Driver Windows 7, 8 and 10

What are Digitally Signed Drivers? Digitally Signed Drivers are signed drivers from it’s vendors that ensures driver integrity and checksum to make sure that the Driver file being installed isn’t modified in anyway other then what the Signing Authority has allowed or modified.

The error “Windows requires a digitally signed driver” occurs when Windows blocks the installation of a driver when it is without a digital signature.

How to fix Windows requires a Digitally Signed Driver

Windows allows you to proceed with the installation by turning off the digital signature check – which isn’t recommended but needed sometimes when the Driver isn’t signed but it is an original driver. There are several fixes that we have gathered and tested that would fix this issue. This guide applies to fixing Digitally Signed Driver is Required Error on Windows 10, Windows 8 or Windows 7

Disable Driver Signing

Driver signing, like mentioned before, is enabled by default in Windows operating system as a way to make sure that malicious software disguised as drivers are not installed on your computer. It adds an extra layer of security for your computer. However, if this is causing errors and not letting you install third-party drivers, you can disable the driver signing using the steps below:

1. Press Windows + R, type “gpedit.msc” in the dialogue box and press Enter.
2. Once in the group policy editor, navigate to the following path:

1. Select the option Enabled and from the drop-down, select Ignore (under ‘When Windows detects a file without drivers’).

1. Press OK to save changes and exit. Now check if the problem is solved.

Turning TESTSIGNING On

The TESTSIGNING determines whether Windows will install any test-signed kernel-mode code which is not digitally signed by relevant software companies. This is another safe guard which acts like a firewall to prevent any kernel-level drivers from being installed unless they are in the whitelist. If you really want to install the driver despite the safe measures by Windows, you can turn TESTSIGNING on.

1. Press Windows + S, type “command prompt” in the dialogue box, right-click on the application and select “Run as administrator”.
2. Once in the command prompt, execute the following command:

1. Now restart your computer properly. After restarting, log back in and try installing the driver.
2. If you ever want to turn the test mode off, execute the following command:

Permanently disabling driver signature enforcement

Another you can try if all the above methods fail is disabling the driver signature enforcement on your computer off permanently. You will have to manually turn the mechanism on again and there will be no safe guards for any drivers installed on your computer. Make sure you keep this method as a last resort.

1. Press Windows + R, type “command prompt” in the dialogue box, right-click on the application and select “Run as administrator”.
2. Once in the command prompt, execute the following command:

Restart your computer completely and try installing the driver.

1. If you ever want to turn the enforcement mechanism back on, execute the following command:

Note: Usually all verified and genuine drivers are digitally signed. Make sure that you are completely positive of the driver before installing.

Windows Driver Signing Tutorial

This tutorial provides an overview and details the steps to sign driver binaries for Windows in one consolidated location. The following subtopics describe the process:

Overview

Starting with WindowsВ Vista, x64-based versions of Windows required all software running in kernel mode, including drivers, to be digitally signed in order to be loaded.

Microsoft provides the following two ways to digitally sign drivers:

1. Certify your driver with Microsoft and Microsoft will provide a signature for it. When your driver package passes the certification tests, it can be signed by Windows Hardware Quality Labs (WHQL). If your driver package is signed by WHQL, it can be distributed through the Windows Update program or other Microsoft-supported distribution mechanisms.
2. Vendors or driver developers can obtain a software publishing certificate (SPC) from a Microsoft authorized Certificate Authority (CA) and use it to sign kernel mode and user mode binaries by themselves.

In the case of boot-start drivers during system start, drivers that are loaded by the system loader (WindowsВ Vista and later versions of Windows), vendors must use a Software Publishers Certificate (SPC) to embed-sign their driver binary image file.

NoteВ В The mandatory kernel-mode code-signing policy applies to all kernel-mode software for x64-based systems that are running on WindowsВ Vista and later versions of Windows. However, Microsoft encourages publishers to digitally sign all kernel-mode software, including device drivers (user-mode drivers included) for 32-bit systems as well. WindowsВ Vista and later versions of Windows, verify kernel-mode signatures on 32-bit systems. Software to support protected media content must be digitally signed even if it is 32-bit.

User-mode drivers, like the Printer driver will install and work in an x64-based computer. A dialog will appear to the user during installation asking for approval to install the driver. Beginning in WindowsВ 8 and later versions of Windows, installation will not proceed unless these driver packages are also signed.

The following resources describe Driver Signing in greater detail:

Windows requires a digitally signed driver

Device Drivers are necessary for communication between hardware and software of an operating system. Some drivers are digitally signed. Digitally signed drivers are drivers which signed by their issuing authority in such a manner that the end-user or any third party cannot modify them. At times, users are unable to install or update drivers and get the error – Windows requires a digitally signed driver.

Driver Signing is the process of associating a digital signature with a driver package. Windows device installations use digital signatures to verify the integrity of the driver packages and to verify the identity of the vendor who provides the driver packages.

The drivers you normally install on your computer from Windows Update, Original Equipment Manufacturers or some 3th-party driver download software, etc. must be digitally verified by Microsoft via a digital signature. It is an electronic security mark that certifies the publisher for the driver, as well as all the relevant information related to it. If a driver isn’t certified by Microsoft, Window won’t run them on either 32-bit or 64-bit system. This is referred to as “driver signature enforcement”.

Windows 10 will load only Kernel mode drivers signed digitally by the Dev Portal. However, the changes will affect only the new installations of the operating system with Secure Boot on. The non-upgraded fresh installations would require drivers signed by Microsoft.

Windows requires a digitally signed driver

The error means the driver you are trying to install or update hasn’t been digitally signed by the issuing authority. Thus you wouldn’t be able to use it. The solutions to this problem are as follows:

1. Update the drivers from the manufacturer’s website
2. Disable driver signing using Group Policy Editor

1] Update the drivers from the manufacturer’s website

The reason you face this problem at the first place is that you might have downloaded the drivers from an external media or the drivers weren’t updated in a while, and the issuing authority changed its policies.

The best resolution, in this case, could be to download the latest drivers from the manufacturer’s website itself and install them.

If this doesn’t work, the only option you would have is to disable the driver signing or its recognition in Windows 10. However, this isn’t recommended so proceed with it only if you think you need to use the affected hardware.

2] Disable driver signing through the group policy editor

To disable Driver Signature enforcement, press Win + R to open the Run window and type the command gpedit.msc. Press Enter to open the Group Policy Editor.

Navigate to the following path:

User configuration > Administrative templates > System > Driver installation.

On the right-pane, double-click on the entry Code signing for device drivers to open its properties.

This setting determines how the system responds when a user tries to install device driver files that are not digitally signed. It establishes the least secure response permitted on the systems of users in the group. Users can use System in Control Panel to select a more secure setting, but when this setting is enabled, the system does not implement any setting less secure than the one the setting established.

When you enable this setting, use the drop-down box to specify the desired response.

• “Ignore” directs the system to proceed with the installation even if it includes unsigned files.
• “Warn” notifies the user that files are not digitally signed and lets the user decide whether to stop or to proceed with the installation and whether to permit unsigned files to be installed. “Warn” is the default.
• “Block” directs the system to refuse to install unsigned files. As a result, the installation stops, and none of the files in the driver package are installed.

To change driver file security without specifying a setting, use System in Control Panel. Right-click My Computer, click Properties, click the Hardware tab, and then click the Driver Signing button.

Select the radio button as Enabled for this policy.

Select Ignore from the dialogue box for When Windows detects a file without drivers.

Click on OK to save the settings and restart the system.

This will make the warning go away. But you have to remember that this makes your system ‘less secure’.