Home / Docs / Using a code signing certificate

Using a code signing certificate

Sign executables and add a trusted timestamp.

Using a code signing certificate

Code signing certificates sign executables, drivers and scripts to remove unknown-publisher warnings.

Windows (signtool)

signtool sign /fd SHA256 /tr http://timestamp.idigitrust.com /td SHA256 app.exe
  • /tr sets the timestamp service so signatures stay valid after expiry.
  • /fd SHA256 sets the digest algorithm.

Verify

signtool verify /pa app.exe
EV code signing earns SmartScreen reputation instantly.
Docs