[Com0com-user] com0com Installation Issue (Code 52) with Secure Boot Enabled on Windows 10
The virtual serial port driver for Windows.
Brought to you by:
vfrolov
From: Foad S. F. <f.s...@gm...> - 2025-04-01 10:00:09
|
Hello com0com Developers and Users, Following questions here <https://stackoverflow.com/q/79545926/4999991>, here <https://sourceforge.net/p/com0com/code/>, and here <https://superuser.com/q/1889354/588662>, I'm seeking assistance with installing the com0com virtual serial port driver on my Windows 10 system. I am encountering the "Code 52" error (Windows cannot verify the digital signature) for the com0com devices, preventing the driver from loading. My Environment: - Operating System: Windows 10 (Latest Updates) - Secure Boot: Enabled (Policy prevents disabling it) - BitLocker: Active Background: I initially installed com0com via a Chocolatey package which, I later discovered, used an older, unsigned driver version. This caused persistent issues. I have since corrected the Chocolatey package <https://github.com/Foadsf/com0com-chocolatey> to use the official *com0com-3.0.0.0-i386-and-x64-signed.zip* package. However, even after attempting a thorough uninstallation, I cannot get the signed driver to install correctly. On a clean virtual machine, installing the signed package correctly prompts with the "Windows Security - Would you like to install this device software?" dialog showing "Publisher: CyberCircuits". [image: vmconnect_C5FFYI4RGe.png] On my physical machine, this prompt does not appear, and the installation ultimately fails to load the driver, often resulting in the service failing to start with error %%577 or devices showing Code 52 in Device Manager. Troubleshooting Performed: Attempted uninstall using setupc.exe uninstall from the signed package directory (run as Administrator). The command output indicated successful removal of devices, the service, registry keys, driver files (oemXX.inf packages), and the custom class GUID. Verified service removal with sc.exe delete com0com (reports service doesn't exist). Verified device instance removal using pnputil /enum-devices targeting com0com hardware IDs and class GUIDs (reports no devices found). Attempted to enable Test Signing mode using bcdedit /set testsigning on, but this fails with the error: "The value is protected by Secure Boot policy and cannot be modified or deleted." This confirms Secure Boot is preventing the standard workaround for test-signed drivers. Manually deleted associated registry keys and driver files (though setupc uninstall seems to handle this now). Rebooted the system multiple times between uninstallation and reinstallation attempts. Current Problem: Despite the seemingly successful cleanup using setupc uninstall, when I run the signed setup.exe (interactively, as Administrator), it proceeds without showing the Windows Security trust prompt for the CyberCircuits publisher. The installation finishes, but the devices remain unusable with the Code 52 error. The Core Challenge: I cannot disable Secure Boot due to system policies. I need com0com to function using the provided signed driver under these constraints. Questions: Is there a more definitive method (perhaps using pnputil or registry edits beyond what setupc does) to absolutely guarantee that all remnants of the previous unsigned driver installation are purged, ensuring Windows only considers the new signed package during installation? Is the signed com0com-3.0.0.0 driver known to install and function correctly on a Windows 10 system with Secure Boot enabled without requiring Test Signing mode? (I assume the signature should allow this, hence the expected trust prompt). Could there be a conflict with the certificate store or a specific Windows update that might interfere with recognizing the CyberCircuits signature, even if Secure Boot itself isn't directly blocking that specific signature (but rather blocking the attempt to enable Test Signing)? Are there any known workarounds or alternative installation methods for this specific scenario (signed driver, Secure Boot enabled and locked)? Any insights or suggestions would be greatly appreciated. I'm happy to provide further logs or details if needed. Thank you for your time and expertise. Best regards, F. |