Signtool Sign Files


The Signtool Sign Files action allows you to digitally sign files.

From the Specify Files tab specify the files that you wish to sign (each entry on a new line).


From the options section select any of the following options that you would like executed:

Verbose Output - Self Explanatory.
Automatically select the best signing certificate - Self Explanatory.
Use Computer store rather than User store - Self Explanatory.
Signed Content Description - A text description of the signed content.
Signed Content Description (URL) - A URL to the full description of the signed content.
Use Timestamp Service URL - The URL of the timestamp server.
Enhanced Key Usage - Specifies the Enhanced Key Usage that must be present in the signing certificate.


The Signing Options tab allows you to specify extra details about the signature:


Certificate - Specify the file to use as the signing certificate. When using a Personal Information Exchange (.pfx) which is protected by a password, use the Certificate Password option to specify the password. If the file does not contain private keys use the Cryptographic Service Provider and Private Key Container options to specify the private keys to be used.
Certificate Password - The password to use when opening a password protected Personal Information Exchange (.pfx) file.
Cryptographic Service Provider - The Cryptographic Service Provider that contains the private key container.
Private Key Container - The private key container name.
Subject Name - The subject name of the signing certificate.
Root Subject Name - Specify the subject name of the root certificate that the signing certificate must link to.
Store Name - Specify the name of the store to open when searching for the certificate.
Issuer Name - Specify the issuer name of the signing certificate.
Certificate Template Name - The certificate template name for the signing certificate.
SHA1 Hash - Specify the SHA1 hash of the signing certificate.


For more information on Signtool see MSDN.