I am new to certificates and I have a driver I have to digitally sign to test otherwise windows blocks it. I have created a self signed test certificate for testing purposes using OpenSSL, using their provided tutorial.
I have installed the certificate to all of the windows stores necessary for it to be trusted, after signing the driver file everything worked until I rebooted my PC, after that it says my certificate is no longer digitally signed due to this issue: A certificate's basic constraint extension has not been observed.
I thought it could be because my test certificate is no longer valid so I create a new one, same issue even before rebooting my PC. I have tried many options I can find in tutorials, I encounter the same issue and I am not willing to buy a certificate just for a couple of tests.
What can I do to get past this issue? These are the basic constraints in my certificate: Subject Type=CA Path Length Constraint=None
If you have a solution, please post me instructions on what I have to do step by step, I am new to OpenSSL and certificates.
Additional information:
This is the tutorial I've tried following when it all started, all other tutorials give me the same result/issue: CLICK ME (LINK)
This is a image of the issue: CLICK ME (LINK)
I don't have enough repution to use embedded images.
Not using OpenSSL on Windows, but I know how to do this in PowerShell. Open PowerShell console and copy/paste the following command:
$cert = New-SelfSignedCertificate -Type CodeSigningCert `
-Subject "CN=My Subject" `
-CertStoreLocation cert:\currentuser\my `
-KeyAlgorithm rsa `
-Provider "Microsoft Enhanced Cryptographic Provider v1.0"
Export-PfxCertificate -Cert $cert -FilePath "c:\temp\mycert.pfx" -Password (ConvertTo-SecureString -String "Password" -Force -AsPlainText)
This command will generate self-signed certificate suitable for code signing purposes.