Tech Tip: Code signing built applications on Windows
PRODUCT: 4D | VERSION: 17 | PLATFORM: Win
Published On: May 30, 2019
Code signing a built application on Windows requires using the Windows SDK signtool and a signing certificate. The Makecert application can be used for creating a self-signed certificate for testing but a fully trusted certificate should be used for production.
Typically the command for signing a windows application may look like this:
"C:\Program Files (x86)\Windows Kits\10\bin\x64\signtool.exe" sign /f c:\path\to\MyKey.pfx /a c:\path\to\OEM_app.exe |
If it fails, the /debug option could be used to obtain additional details:
"C:\Program Files (x86)\Windows Kits\10\bin\x64\signtool.exe" sign /debug /f c:\path\to\MyKey.pfx /a c:\path\to\OEM_app.exe |
Commented by David Ringsmuth on August 11, 2020 at 8:28 AM
A Windows code-signing certificate is needed to sign a Windows executable. Comodo sells these.
Commented by David Ringsmuth on July 15, 2020 at 8:44 PM
The current Windows SDK for Windows 10: https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk/
This installer is item select-able. The SignTool may be installed without the other SDK components.