Όνομα χρήστη
Δημιουργία λογαριασμού
How to sign the Authenticode technology code using Microsoft SignTool
In this article, we'll look at the process of signing programs for Windows® using Authenticode technology in SignTool.
To use SignTool.exe to sign your applications, you will need to install any of the following software packages:
- Microsoft Visual Studio 2005 (or higher)
- Microsoft Windows® SDK 7 (either 8.1 or 10).
Using the SHA256 certificate to sign the code
When using SHA2 to sign code, make sure that you have the latest version of SignTool installed. This will help avoid unexpected errors.
For Comodo certificates: In the Windows® command line, type the following:
signtool sign /tr http://timestamp.comodoca.com /td sha256 /fd sha256 /a "path\to\file.exe"
(For other certificates, you need to specify the URL of the timestamp server).
Note: In the Comodo documentation, experts recommend using a URL such as this: http://timestamp.comodoca.com?td=sha256
If everything was successful, you will see:
Done Adding Additional Store
Successfully signed and timestamped: filename.exe
Using the SHA1 certificate to sign the code
The Comodo Timestamp server by default uses SHA1 to set the Authenticode timestamps in SignTool and SignCode. This is done for compatibility with Windows® Vista and XP.
For Comodo certificates: To sign the code using the SHA1 certificate at the Windows® command line, type the following
signtool sign /t http://timestamp.comodoca.com /a "path\to\file.exe"
(For other certificates, you need to specify the URL of the timestamp server).
If everything was successful, you will see:
Done Adding Additional Store
Successfully signed and timestamped: filename.exe
How to verify a digital signature
To verify the digital signature, right click on the file and select Properties. In the Digital Signatures tab, you will see the used code signature certificate and timestamp.
