Windows must have the custom root CA certificate installed in the "Trusted Root Certification Authorities" store; Otherwise, it will not acknowledge the drivers signed by the localhost-km.pfx kernel certificate despite it being issued by root CA (as it was not in the trusted vault).
- Open Microsoft Management Console (MMC):
- Press
Win + R, typemmc, and hit Enter.
- Press
- Add Certificates snap-in:
- Go to
File > Add/Remove Snap-in.... - Select
Certificates - Click
Add >Button - Choose
Computeraccount, and clickFinish.
- Go to
- Import the root certificate:
- In the MMC, navigate to
Certificates (Local Computer) > Trusted Root Certification Authorities. - Right-click on Certificates, go to
All Tasks > Import.... - Follow the wizard: Import your custom root CA certificate (
localhost-root-ca.cer) into this store. You should see a warning about importing a non-trusted CA; confirm that you want to proceed.
- In the MMC, navigate to
- Reboot: Reboot your computer for the change to take effect.