Using the DigiCert Certificate Utility to Sign Your Code

Code Signing with the DigiCert® Certificate Utility for Windows
DigiCert does not recommend using the DigiCert Certificate Utility for Windows to create a code signing certificate CSR or to sign code files on currently supported versions of Windows. The DigiCert Certificate Utility for Windows signs files with a legacy SHA 1 hashing algorithm, and newer versions of Windows no longer trust SHA 1 signed files.

If you have not yet ordered your Code Signing Certificate, visit Code Signing Certificates.

After installing your DigiCert Code Signing Certificate on your Windows server or workstation, use the DigiCert® Certificate Utility for Windows to:

 

How to Sign Your Code with the DigiCert Utility

  1. If you are using an EV Code Signing Certificate, plug in your token/device now.

  2. On your Windows server or workstation, download and save the DigiCert® Certificate Utility for Windows executable (DigiCertUtil.exe).

  3. Run the DigiCert® Certificate Utility for Windows.

    Double-click DigiCertUtil.

  4. In the DigiCert Certificate Utility for Windows©, click Code Signing (blue and silver shield), select the Code Signing Certificate that you want to use to sign your code, and then, click Sign Files.

    If you do not see your EV Code Signing Certificate, plug in your token now.

  5. In the Code Signing window, click Add Files, then browse for and select the file that you want to sign.

  6. Next, check Add a timestamp to the signature if you want to time stamp your signature.

    • To add a timestamp, you must be connected to the Internet.

    • Adding a timestamp allows your signature to remain valid after the Code Signing Certificate has expired, as long has the code remains unchanged.

  7. Finally, click Sign.

  8. When you receive the “All the files have been successfully signed” message, click OK.

  9. Congratulations, you should now have a freshly signed piece of code, ready to use!
 

How to Check Your File's Signature

  1. In the DigiCert Certificate Utility for Windows©, click Code Signing (blue and silver shield).

  2. Next, click Check Signature to select and open the file whose signature you want to check.

  3. In the Code Signed Signature Check window, you should see a green checkmark for “The file is signed and the signature was verified”.

    If you checked Add a timestamp to the signature, you should also see a green checkmark for “The signature was time stamped by DigiCert Inc on 'Date and Time'”.

Get code signing certificates for just $474/year

Buy Now