I have an up-to-date Windows Server 2008 R2 Standard and want to install OpenVPN 2.2.2. Everything during installation seems to be OK, however, after install I see that TAP901 driver is marked with exclamation mark and writes following:
Is far as I can tell, kernel drivers with unverifiable or non-existent signature in 64-bit systems are not allowed. However, I'm pretty sure, that TAP driver is signed, because several other OpenVPN servers on Windows Server 2008 R2 that I administer, have this driver installed and running OK.Windows cannot verify the digital signature for the drivers required for this device. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. (Code 52)
I googled alot and found no solution. If I load my Windows with disabled signature checks by pressing F8 and choosing this option my TAP driver works fine and my VPN is estableshed OK. However, I'm unable to do that using "bcdedit.exe -set TESTSIGNING ON". My server enters this mode OK, and I can observe it with a lower-right corner writing "testing mode", but driver gets aforementioned error 52.
Anyways, running Windows in testing mode by always tapping F8 during boot is not what I'm looking for.
Any ideas? Suggestions? What can I check? Anyone with links on detailed explanation of signature verifying mechanics? Maybe my server screwed somehow some root certificate?