I am the developer of UniversalADBDriver, a tool that creates a self signed Android USB driver on the user's computer.
Source code of installer and setup package: https://github.com/koush/UniversalAdbDriver
The tool generates a keypair and adds a certificate to the user's key store, then signs the driver files. This worked fine until Windows 10, where it inexplicably stopped working. I ran the command line manually:
The following certificates were considered:
Issued to: UniversalADB
Issued by: UniversalADB
Expires: Fri Aug 25 17:00:00 2017
SHA1 hash: C8701DF4CDC7DD75813400AD2B3B4C2EFDA4E662
After EKU filter, 1 certs were left.
After expiry filter, 1 certs were left.
After Private Key filter, 0 certs were left.
SignTool Error: No certificates were found that met all the given criteria.
On Windows 10, the certificate is being filtered out by the "Private Key filter". No idea what that is, no documentation anywhere on it.
UPDATE
I've discovered that neither makecert.exe or X509Store.add can write certificates/keys to the Current User store when invoked through the installer on Windows 10. However, the certificates in the Local Machine store are placed correctly. I'm not sure why that is. So basically, the private key is not being placed in the store properly so the signature fails. Running the same steps manually on the command line works. I still need to figure out why the private key is not being persisted in the store however.
