13.59. How to install print drivers that are not signed by Microsoft

Printix Client is not able to install an unsigned print driver until the Authenticode signature has been installed. Follow the instructions below to install the Authenticode signature on each computer, or add it to a group policy.

Extract the certificate

1. Locate the security catalog file (*.cat). It can be found in the folder with the rest of the print driver files.
2. Right-click the .cat file and select Open.
3. In the Security Catalog dialog on the General tab, select View Signature at the bottom.
4. In the Digital Signature Details dialog on the General tab, select View Certificate.
5. In the Certificate dialog, select the Details tab. Select Copy to file… at the bottom.
6. In the Certificate Export Wizard, select Next.
7. In Export file format, leave the choice to the default selected. Select Next.
8. In File to export, provide a location and file name for the certificate. Select Next.
9. Select Finish.
10. Select OK.

Import the certificate

• Add certificate to a computer
• Add certificate to domain group policy

Printix should now be able to install the print drivers silently without security prompts blocking the installation, and the computer failing to install printer driver: -2,147,467,259.

Add certificate to a computer

1. Browse to the location of the extracted print driver files.
2. Open .cat file in the driver installation files folder.
3. In the Security Catalog dialog on the General tab, select View Signature at the bottom.
4. In the Digital Signature Details dialog on the General tab, select View Certificate.
5. In the Certificate dialog on the General tab, select Install Certificate… at the bottom.
6. In the Certificate Import Wizard, select Local Machine. Select Next.
7. Select Place all certificates in the following store and select Browse.
8. In the Select Certificate Store dialog, check Show physical stores.
9. Scroll to the top and select Trusted Root Certification Authorities.
10. Select Next.
11. Select Finish.

Add certificate to domain group policy

1. On a Windows server, open the Group Policy Management Console.
2. Locate and right-click the domain group policy, and select Edit.
3. Select Computer Configuration, Policy, Windows Settings, Security Settings, and then Public Key Policies.
4. Right-click Trusted Publishers and select Import.
   Step through the import wizard, provide the location and name of the certificate when asked, then Finish the wizard. Other than the .cat file, no other settings should be changed.