Device drivers are needed in order for the hardware and software to communicate in an operating system. Some of these drivers are digitally signed. These kinds of drivers are drivers that are signed by their issuing authority in a way that the end-user or any third party won’t be able to modify them. And there are times when you encounter an error that says, “Windows requires a digitally signed driver” when you try to install or update device drivers.
Driver Signing is the process of associating a digital signature with a driver package. Digital signatures are used in Windows device installations to verify the identity of the vendor providing the driver packages as well as to verify the integrity of the driver packages.
All the drivers you usually install on your PC from Windows Update, Original Equipment Manufacturers, or some other third-party driver download software and so on must be verified digitally by Microsoft through the digital signature. A digital signature is an electronic security mark that verifies the publisher for the driver and all the relevant information related to it. That’s why Windows won’t run a driver if it isn’t certified by Microsoft, be it a 32-bit or 64-bit system – this is called the Driver Signature Enforcement.
The only Kernel-mode drivers that Windows 10 will load are the ones that are digitally signed by the Dev Portal. However, the changes only affect the new installations of the operating system with Secure Boot on while the non-upgraded fresh installations would require drivers that are signed by Microsoft.
The “Windows requires a digitally signed driver” error indicates that the driver you are trying to update or install hasn’t been signed digitally by the issuing authority, preventing you from installing or updating it. To resolve this issue, you can try to update the drivers directly from the manufacturer’s site. You could also disable driver signing via Group Policy Editor.
Option 1 – Update the device drivers directly from the manufacturer’s site
The reason why you’re getting the “Windows requires a digitally signed driver” error in the first place is that you might have downloaded the drivers from external media. It could also be that the drivers didn’t update for some time now and the issuing authority changed its policies. Thus, you can try to update the drivers straight from the manufacturer’s website and install them. If this option didn’t work, then you’ll have to disable the driver signing or its recognition in Windows 10. Keep in mind that doing so is not advisable if you have to use the concerned driver.
Option 2 – Disable driver signing via Group Policy Editor
- Tap the Win + R keys to open the Run utility and type “gpedit.msc” in the field and tap Enter to open the Group Policy Editor.
- After that, navigate to this policy setting: User configuration > Administrative templates > System > Driver installation
- Next, double click on the “Code signing for device drivers” entry located on the right pane to open its properties where you’ll see the following description:
“This setting determines how the system responds when a user tries to install device driver files that are not digitally signed. It establishes the least secure response permitted on the systems of users in the group. Users can use the System in Control Panel to select a more secure setting, but when this setting is enabled, the system does not implement any setting less secure than the one the setting established.
When you enable this setting, use the drop-down box to specify the desired response.
“Ignore” directs the system to proceed with the installation even if it includes unsigned files.
“Warn” notifies the user that files are not digitally signed and lets the user decide whether to stop or to proceed with the installation and whether to permit unsigned files to be installed. “Warn” is the default.
“Block” directs the system to refuse to install unsigned files. As a result, the installation stops, and none of the files in the driver package are installed.
To change driver file security without specifying a setting, use System in Control Panel. Right-click My Computer, click Properties, click the Hardware tab, and then click the Driver Signing button.”
- Now select the radio button for “Enabled” and select Ignore from the drop-down menu under “When Windows detects a driver file without a digital signature”.
- Then click on the Apply and OK buttons to save the changes made. This will get rid of the “Windows requires a digitally signed driver” error but take note that this will also make your system less secure.