SignTool: Sign Windows code with a code signing certificate

Note: Starting June 1, 2021, GoDaddy will no longer issue or renew Code Signing or Driver Signing Certificates. If you already own a Code Signing or Driver Signing Certificate, you will be unable to rekey it after June 1, 2021. All certificates issued before June 1, 2021 will remain valid until they expire.

After you've created your PFX file, you can sign your code with Microsoft SignTool.

Our code signing certificates work with the following types of Windows-based files:

• EXE
• DLL
• OCX
• CAB

  Note: For CAB files, space should be allocated for the digital signature by adding the following entry to your DDF file before creating the cab file: Set ReservePerCabinetSize=6144.

Use SignTool to sign your code

1. Install SignTool using Microsoft's information. This involves downloading and installing Microsoft Windows Software Development Kit (SDK).
2. Launch cmd.
3. Sign your file:
   SignTool sign /f path to your PFX file /p your PFX file password /tr http://tsa.starfieldtech.com /td SHA256 path to the code you want to sign

   Note: You must use the http://tsa.starfieldtech.com time stamp authority.

Next step

• Start distributing your newly signed file to your users