We use MadCodeHook for loading of 3 DLLs. It has to work on Windows from XP to Win 10.
For driver signing we use sha1 digital cert. But our sha1 cert will expire in a few days. So we will have to sign by sha256 soon and it will not work at XP and Vista.
Of course we can sign driver now, while sha1 cert is actual, but when we will change DLLs in a future, they will sign by sha256 cert. Will it work?
Are there any solutions for such issue? How can we change DLLs without having to reconfigure and sign the driver?
Or maybe there is some other solution to our problem?
Thank you in advance!
With GlobalSign, I recently bought (renewed) a SHA256 certificate, but I was able to reissue the same certificate as SHA1, as well, so I have both SHA1 and SHA256. For signing, I first sign with SHA1, and then add an SHA256 certificate on top. This seems to make both older and newer OSs happy.
https://techcommunity.microsoft.com/t5/ ... a-p/364894