Disks encrypted with PGP Whole Disk Encryption display drivers as "Not digitally signed"

book

Article ID: 157800

calendar_today

Updated On:

Products

Drive Encryption

Issue/Introduction

Disks encrypted with PGP Whole Disk Encryption display drivers as "Not digitally signed".

 

Cause

The field that displays "Not Digitally Signed" is a reference to a signature provided by Windows Hardware Quality Labs.  In order for this to show up as Signed, extended certification is necessary.

 

Resolution

Although this certification will not be pursued by Symantec Dev, the file properties context menu will verify that this same driver is signed by Symantec.  In other words, the actual PGPwded.sys driver, is, in fact, digitally signed and this extended certification is not needed in order for this to be the case.

To validate the PGPwded.sys driver has been signed, follow these steps:

 

1. Navigate to C:\windows\system32\drivers

2. Locate the PGPwded.sys driver, which is the driver for PGP Whole Disk Encryption, or Symantec Drive Encryption.

3. Right-click the file, and go to properties.  Click Digital Signatures.

4. Confirm that either PGP Corporation is listed for versions of PGP prior to 10.3, or Symantec Corporation, for versions 10.3 or later.

 


Applies To

To see this behavior, run through the following steps:

 

1. Encrypt a boot disk with PGP Whole Disk Encryption (or Symantec Drive Encryption), no need to wait for disk to complete.

2. Click the start button, right-click Computer, then go to Manage.

3. Click Disk Management and locate the boot disk, should be Disk 0.

4. Right-click on Disk 0 (To the left of the actual disk partition listing), click Properties.

5. Click the Driver tab, then click the Driver Details button.

6. Look Look at the listing for the PGPWDE driver:

c:\Windows\system32\drivers\pgpwded.sys

Instead of the disk driver showing up as Signed, it shows up as "Not digitally signed".