The whole point of signing is to guarantee the driver was released by source Microsoft trusts. This means the signature alone does not help you, your key has to be signed by MS for the chain of trust be in place.

签名的全部意义在于保证驱动程序是由微软信任的来源发布的。这意味着单独的签名对您没有帮助，您的密钥必须由 MS 签名才能建立信任链。

You need to purchase an Authenticode certificate (from Verisign) to properly sign the driver for Windows x64. See the following links:

您需要购买 Authenticode 证书（来自 Verisign）才能正确签署适用于 Windows x64 的驱动程序。请参阅以下链接：

http://msdn.microsoft.com/en-us/windows/hardware/gg487317

http://msdn.microsoft.com/en-us/windows/hardware/gg487317

http://msdn.microsoft.com/en-us/windows/hardware/gg487328

http://msdn.microsoft.com/en-us/windows/hardware/gg487328

Certificates can be purchased here: http://www.verisign.com/code-signing/microsoft-authenticode/

证书可以在这里购买：http: //www.verisign.com/code-signing/microsoft-authenticode/

More on this at the following links.

有关更多信息，请访问以下链接。

http://winprogger.com/cross-signing-kernel-mode-drivers/

http://winprogger.com/cross-signing-kernel-mode-drivers/

http://winprogger.com/certificate-for-kernel-mode-driver-signing/

http://winprogger.com/certificate-for-kernel-mode-driver-signing/

No. You don't need MS to sign it. You do need a code signing certificate that chains to something MS trusts. There is more than one vendor that can sell you the cert.

不，您不需要 MS 来签名。您确实需要一个链接到 MS 信任的东西的代码签名证书。有不止一个供应商可以向您出售证书。

Try this: 1) Ensure that windows is fully updated. This actually fixed the problem on one of my pcs. 2) Check out https://social.msdn.microsoft.com/Forums/windowsdesktop/en-US/0b00c9d4-dff9-4fbe-b741-768c9b39349c/practical-windows-code-and-driver-signing-discussion?forum=wdk

试试这个： 1) 确保 Windows 已完全更新。这实际上解决了我的一台电脑上的问题。2) 查看https://social.msdn.microsoft.com/Forums/windowsdesktop/en-US/0b00c9d4-dff9-4fbe-b741-768c9b39349c/practical-windows-code-and-driver-signing-discussion?forum= wdk

This is an in depth (with references) doc.

这是一个深入的（带参考）文档。

The only reliable and effective way to get rid of "Windows cannot verify the digital signature" message is to disable digital signature enforcement through Windows startup options. The solution is temporarily and stays active during current Windows session, but it can be activated again during each startup. Here's a detail explanation for each Windows version: http://freewisdoms.com/windows-cannot-verify-the-digital-signature-code-52-driver-fix/

摆脱“Windows 无法验证数字签名”消息的唯一可靠且有效的方法是通过 Windows 启动选项禁用数字签名强制执行。该解决方案是暂时的，并在当前 Windows 会话期间保持活动状态，但可以在每次启动期间再次激活。下面是每个 Windows 版本的详细解释：http: //freewisdoms.com/windows-cannot-verify-the-digital-signature-code-52-driver-fix/

Ideally you should have digitally signed driver trusted by Microsoft. However, there is a workaround, but not recommended.

理想情况下，您应该拥有 Microsoft 信任的数字签名驱动程序。但是，有一种解决方法，但不推荐。

Windows 8 and above

Windows 8 及以上

1. Search and open Recoveryin System settings.
2. Select Advanced start-upand Restart now.
3. During booting, in Advanced Boot Options, select Disable Driver Signature Enforcement.

1. 在系统设置中搜索并打开恢复。
2. 选择高级启动和立即重启。
3. 在启动过程中，在Advanced Boot Options 中，选择Disable Driver Signature Enforcement。

^{Note: This setting will apply to a single user session.}

^{注意：此设置将应用于单个用户会话。}

Windows 7

Windows 7的

1. Restart PC.
2. Keep pressing F8 till Advanced Boot Optionsmenu is shown.
3. Select Disable Driver Signature Enforcement.

1. 重启电脑。
2. 一直按 F8 直到显示高级启动选项菜单。
3. 选择禁用驱动程序签名强制。

Source: How to Fix “Windows cannot verify the digital signature (Code 52)” Driver Problem?

来源：如何解决“Windows 无法验证数字签名（代码 52）”驱动程序问题？