search

virtio-win / virtio-win-pkg-scripts

Scripts for packaging virtio-win drivers
GNU General Public License v2.0
1.95k stars 151 forks source link

MSI: Install certificate(s) to cert:\LocalMachine\TrustedPublisher #26

Closed ggzengel closed 4 years ago

ggzengel commented 4 years ago

Silent install with virtio-win-gt-x64.msi is not possible because windows is asking for trust on driver publisher. If you store, in the first step, the certificate at cert:\LocalMachine\TrustedPublisher the install will work.

Meanwhile I use this powershell script before running msiexec:

$DriverPath = Get-Item "d:\virtio-win-0.1.173\*\2k12r2\amd64" 

$CertStore = Get-Item "cert:\LocalMachine\TrustedPublisher" 
$CertStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)

Get-ChildItem -Recurse -Path $DriverPath -Filter "*.cat" | % {
    $Cert = (Get-AuthenticodeSignature $_.FullName).SignerCertificate

    Write-Host ( "Added {0}, {1} from {2}" -f $Cert.Thumbprint,$Cert.Subject,$_.FullName )

    $CertStore.Add($Cert)
}

$CertStore.Close()
crobinso commented 4 years ago

Thanks for the suggestion, but you will want to file this against the installer code I think: https://github.com/virtio-win/virtio-win-guest-tools-installer