to load your driver on Windows Vista-8.1 (x64) and WIndows 10* with Secure Boot DISABLED, you may use a standard code signing certificate. They are not so expensive and can be obtained also by individuals (i.e. you do not need to have a company to acquire the cert). To sign a driver for this purpose, just use the SignTool utility.
If your driver needs to run on Windows 10* with Secure Boot enabled you need an EV code signing certificate. They are more expensive that standard ones and may be acquired only for companies. To sign your driver for this case, you need to send it to Microsoft and go through the Atestation signing process.
AFAIK your driver needs to pass some tests when you with to load it on Windows Server 2016. Search mailing lists at osronline.com, there are quite a lot about practical driver signing since people are quite confused about it.
Personally, I got a standard code signing certificate (since I do not have a company) for myself from Certum (https://www.certum.eu/certum/cert,offer ... igning.xml
). They are pretty cheap, however, you need to pay extra EUR 150 for a smart card if you do not have one. Their certificates are issued only on smart cards.
You can definitely obtain the certificate from other CAs, however, Certum has some advantages, especially for me:
* their certificates are quite cheap,
* their vetting process (identity verification) is straightforward (at least for Europeans), They also plainly tell you what documents you need to pass the identity verification.
So, if you need to sign your driver for a real production, you have to acquire the EV code singing certificate.