I have a specific type of problem but maybe someone have a hint for me:
We have some systems with special PCIe-Hardware for which we wrote and signed a driver. One certificate in the path of trust is the "Versigin Class 3 Code Signing 2010 CA" (I can provide more information about all certificates if needed).
We have a premade image of our system which is copied on a SSD through a cloning station before we assemble the system and put the SSD inside. After that we install some software which also includes isntalling the driver for the pcie device.
My Problem now: Sometimes (on some devices), the certificate "Versigin Class 3 Code Signing 2010 CA" is missing on the device which causes the driver to not install as the trust path of the certificate can not be resolved. I currently have no clue why the certificate is missing sometimes but not always, using the same image over and over again.
Is there a way to find out on which way or when a certificate entered the microsoft certificate store? Syslogs maybe? Or does anyone else have a good idea to debug this?
PS: I can can however import the missing certificate afterwards and the chain of trust will be shown as "OK", but I can not install the driver of the PCIe device properly on that system anymore.
