CERT_E_CHAINING error on self signed Nvidia files

[kptkill]

Receiving the following error on self signed Nvidia drivers:

WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll'

WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume1\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll'

WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume1\Windows\System32\nvinitx.dll'

[kptkill]

VBoxStartup.log showing error

[bird]

Three is nothing wrong here, you're just confused by the log file. "supR3HardNtViCallWinVerifyTrustCatFile -> 0 (was CERT_E_CHAINING)" overrides the previous "supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on ..." message in every case. That is to say, we've used an alternative way of checking the authenticity of the DLLs via windows APIs. (This DLL and it's signature was already checked out by our own signature verification code.)

Btw. the NVIDIA DLLs aren't self signed, they have a sub CA certificate "CN=NVIDIA Subordinate CA 2014, DC=nvidia, DC=com" issued to them by "CN=Microsoft Digital Media Authority 2005". This microsoft root CA certificate isn't found by the WinVerifyTrust API and it thus returns CERT_E_CHAINING as it cannot anchor the trust chain. Microsoft doesn't appear to install this certificate as a trusted root certificate by default, they probably have a reason for this, though it escapes me. Both AMD/ATI and Intel have similar subordinate CA certificates, btw.