Commercial Release Certificate

A commercial release certificate refers to a digital certificate that a publisher obtains from a trusted, third-party, commercial certification authority (CA) that is a member of the Microsoft Root Certificate Program. GTE and VeriSign, Inc. are two examples of such CAs. A CA that is a member of this program validates the identity and entitlement of an applicant and then issues a certificate that the applicant uses to sign its drivers. The signing process stamps the driver with the publisher's identity and can be used to verify that the driver has not been modified since it was signed.

For security reasons, you should not use a digital certificate that is used to release-sign drivers to test-sign drivers. You should obtain separate digital certificates to use for release-signing and for test-signing. For information about how to manage digital certificates, see Managing the Digital Signature or Code Signing Keys.

Follow the instructions that are provided by the CA about how to obtain and install the release certificate on a computer that you will be using to sign a driver.

For more information about how to obtain a digital certificate from a CA, see the Microsoft Root Certificate Program Members website.