How to sign code with a certificate
By FoxLearn 2/28/2025 9:48:53 AM 88
You’ve been provided with a .PFX
code signing certificate and instructed to sign your code.
What is Code Signing?
Code signing involves applying a digital signature to an executable file using a code signing certificate. This process ensures the authenticity and integrity of the code. When the code is executed, your organization’s security software verifies that the executable was signed with the valid certificate, confirming it hasn’t been tampered with.
Once signed, you can view the digital signature in the file’s properties.
Example: Digital signature on an EXE file created using a code signing certificate.
How to Sign Code
You can sign various types of files, including .exe
files, .dll
files, and PowerShell scripts.
In the examples below, assume your code signing certificate is stored at C:\Projects\MyCert.pfx
with the password "Secure123"
.
Signing .exe
and .dll
Files
Run the following command in the command line:
"C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin\signtool.exe" sign /f "C:\Projects\MyCert.pfx" /p Secure123 "C:\Projects\MyApp.exe"
After signing, you can verify the digital signature by checking the file’s properties.
Signing PowerShell Scripts
Execute the following PowerShell commands:
$cert = Get-PfxCertificate -FilePath C:\Projects\MyCert.pfx Set-AuthenticodeSignature -FilePath C:\Projects\MyScript.ps1 -Certificate $cert
You’ll be prompted to enter the certificate password. Input "Secure123"
and click OK.
Once completed, open your PowerShell script to confirm that a signature block has been appended to it.
Example: PowerShell script with a signature block.
By following these steps, you ensure your code is securely signed and ready for distribution.
- How to use JsonConverterFactory in C#
- How to serialize non-public properties using System.Text.Json
- The JSON value could not be converted to System.DateTime
- Try/finally with no catch block in C#
- Parsing a DateTime from a string in C#
- Async/Await with a Func delegate in C#
- How to batch read with Threading.ChannelReader in C#
- How to ignore JSON deserialization errors in C#