{"id":7633,"date":"2022-07-21T10:24:00","date_gmt":"2022-07-21T18:24:00","guid":{"rendered":"https:\/\/cheapsslsecurity.com\/blog\/?p=7633"},"modified":"2022-07-21T10:24:01","modified_gmt":"2022-07-21T18:24:01","slug":"code-signing-101-how-to-sign-an-exe-or-application","status":"publish","type":"post","link":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/","title":{"rendered":"Code Signing 101: How to Sign an Exe or Application"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Can\u2019t wait to launch your latest application? Learn how properly signing executables helps you secure your organization\u2019s most valuable assets in just four easy steps<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">A few decades ago, building customer trust was much easier for a business thanks to face-to-face interaction. Today, in an increasingly remote world \u2014 one that relies heavily on codes where software has become part of our life \u2014 it\u2019s another story.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Many organizations have shifted their business online. But how can you foster your customers&#8217; trust now if you&#8217;re one of them? You can do this by signing your executables and applications. In fact, <a href=\"https:\/\/www.keyfactor.com\/state-of-machine-identity-management-2022\/?utm_medium=website&amp;utm_source=infobar&amp;utm_campaign=2022-state-of-machine-identity-mgt-report\">66% of organizations<\/a> dramatically increased the number of code signing certificates they used in 2021.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In a recent article, you learned everything about <a href=\"https:\/\/cheapsslsecurity.com\/blog\/a-primer-on-how-code-signing-works\/\">how code signing works<\/a> as a process. In this second part of the series, you&#8217;ll learn how to sign executables and applications in four easy-to-follow steps. Are you ready to give a digital identity to your software and increase your customers&#8217; trust? Read on to discover how.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How to Sign an Application or an Executable in 4 Easy Steps<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Code signing enables developers and software manufacturers to digitally sign their executables and scripts. In addition to attaching their digital identities to their code, this process also allows them to offer assurances that:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>The software is really coming from them, and<\/li><li>It hasn&#8217;t been altered or corrupted since it was signed.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">How do they do it? Many companies use a simple command line tool built by Microsoft: SignTool.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Now that you have your code signing certificate, let&#8217;s find out how to sign an exe using that tool. It&#8217;s dead simple, and it doesn\u2019t take long to do. We\u2019ve even summarized the whole process for you in the table below!<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><strong>How to Sign an Exe \u2013 4 Steps to Follow<\/strong><\/td><td><strong>Overview of What This Step Entails<\/strong><\/td><\/tr><tr><td>1. Install Microsoft SignTool.exe<\/td><td>The tool can be downloaded together with <a href=\"https:\/\/developer.microsoft.com\/en-US\/windows\/downloads\/windows-sdk\/\">Windows 10 SDK<\/a> as it\u2019s included in it.<\/td><\/tr><tr><td>2. Open a Command Prompt Window as Administrator<\/td><td>Open the Windows Command Prompt tool by typing CMD into the Run window (or in the search bar next to the Start menu).<\/td><\/tr><tr><td>3. Navigate to the Directory Containing SignTool.exe<\/td><td>Use the command: <em>cd C:\\Program Files (x86)\\Windows Kits\\10\\bin\\10.0.22000.0\\x86<\/em><\/td><\/tr><tr><td>4. Sign and Timestamp Your Application or Executable<\/td><td>Use the command: <em>signtool sign \/f &#8220;c:\\filepath\\codesigningcertificate.pfx&#8221; \/p \u201cyourpasswordhere\u201d \/tr<\/em> <em>https:\/\/timestamp.digicert.com \/td SHA256 \/fd SHA256 &#8220;c:\\filepath\\myexecutable.exe&#8221;<\/em><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">1. Install Microsoft SignTool.exe<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The tool is included in <a href=\"https:\/\/developer.microsoft.com\/en-US\/windows\/downloads\/windows-sdk\/\">Windows 10 software development kit (SDK)<\/a> and should be already installed on your Windows 10 device. If it isn\u2019t, ensure you install it before proceeding further.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. Open a Command Prompt Window as Administrator<\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li>Click the <strong>Start<\/strong> button or press the Windows key to pull up the Start menu.<\/li><li>Type <strong>cmd<\/strong> in the search or run bar to bring up the result for Windows Command Prompt.<\/li><li>Right-click on the <strong>Command Prompt<\/strong> app and select the option that says <strong>Run as administrator.<\/strong> You\u2019ll be requested to log in with your administrator credentials, so make sure you know them!<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"759\" height=\"663\" src=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/windows-cmd-prompt-run-as-admin.png\" alt=\"A screenshot of the Run as Administrator option when launching Windows Command Prompt\" class=\"wp-image-7635\" srcset=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/windows-cmd-prompt-run-as-admin.png 759w, https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/windows-cmd-prompt-run-as-admin-300x262.png 300w\" sizes=\"(max-width: 759px) 100vw, 759px\" \/><figcaption> <em>Image caption: The screenshot shows how to open a command prompt in Windows 10.<\/em> <\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Important!<\/strong> Are you signing your code with an <a href=\"https:\/\/cheapsslsecurity.com\/blog\/ev-code-signing-vs-regular-code-signing\/\">EV code signing certificate<\/a>? Make sure the USB token sent to you from the issuing certificate authority (CA) is inserted into your device first. This hardware token delivery method will <a href=\"https:\/\/cabforum.org\/wp-content\/uploads\/Baseline-Requirements-for-the-Issuance-and-Management-of-Code-Signing.v2.8.pdf\">apply to OV code signing certificates as well<\/a> starting Nov. 15, 2022 (Nov. 14 for users in North America).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3. Navigate to the Directory Containing SignTool.exe<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Change to the directory where SignTool.exe is installed. Usually, it&#8217;s under Program Files, in a bin folder, but it really depends on where you&#8217;ve installed Windows SDK. The script below gives you an idea of how you can navigate to another directory in a standard installation: <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em>cd C:\\file_path\\folder<\/em>.<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">When put into action, the command will look something like this:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em>cd C:\\Program Files (x86)\\Windows Kits\\10\\bin\\10.0.22000.0\\x86<\/em><\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"760\" height=\"458\" src=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/change-directory-windows-cmd-prompt.png\" alt=\"A screenshot of the Windows Command Prompt \" class=\"wp-image-7636\" srcset=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/change-directory-windows-cmd-prompt.png 760w, https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/change-directory-windows-cmd-prompt-300x181.png 300w\" sizes=\"(max-width: 760px) 100vw, 760px\" \/><figcaption> <em>Image caption: The screenshot shows how to move to the directory where SignTool.exe is located.<\/em> <\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">4. Sign and Timestamp Your Application or Executable<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Sign your exe or application by using the following command:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em>signtool sign \/f \"c:\\filepath\\codesigningscertificate.pfx\" \/p \u201cyourpasswordhere\u201d \/tr http:\/\/CAtimestampserver.com \/td SHA256 \/fd SHA256 \"c:\\filepath\\myexecutable.exe\" <\/em>\u00a0<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">For demonstration purposes, we&#8217;ve used as an example the script used to sign a code using an existing DigiCert code signing certificate (we\u2019ll use the customized versions of the commands in the screenshots):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>signtool sign \/f \"c:\\codesigningcertificate\\digicert_certificate\\codesigningscertificate.pfx\" \/p \u201cyourpasswordhere\u201d \/tr http:\/\/timestamp.digicert.com \/td SHA256 \/fd SHA256 \"c:\\codesigningcertificate\\myexecutable.exe\"<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Important!<\/strong> You&#8217;ll be prompted to enter your token password if you\u2019re signing executables or apps with an EV code signing certificate. Once again, starting Nov. 15, 2022, the same password will also be required for OV code signing certificate users due to the move to secure storage on hardware security tokens.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"762\" height=\"366\" src=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-timestamp.png\" alt=\"A screenshot of the Windows Command Prompt in Administrator mode. This screenshot shows the code for time stamping an executable.\" class=\"wp-image-7637\" srcset=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-timestamp.png 762w, https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-timestamp-300x144.png 300w\" sizes=\"(max-width: 762px) 100vw, 762px\" \/><figcaption> <em>Image caption: The screenshot shows the command line used when signing and time stamping an executable using a DigiCert code signing certificate.<\/em> <\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Et voila\u2019!<\/em> You\u2019re done. This is how to sign an application or an exe using Microsoft SignTool. That was quick, wasn\u2019t it? At this point, you\u2019ll want to double-check whether the digital signature has been applied successfully to the application or executable before making it available to customers and end users.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"760\" height=\"366\" src=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-timestamp-results.png\" alt=\"A screenshot of the Windows Command Prompt in Administrator mode that shows the time stamping information of a recently signed executable.\" class=\"wp-image-7638\" srcset=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-timestamp-results.png 760w, https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-timestamp-results-300x144.png 300w\" sizes=\"(max-width: 760px) 100vw, 760px\" \/><figcaption> <em>Image caption: The screenshot shows the message shown by the command window once you\u2019ve signed and time stamped your application.<\/em> <\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Do you need to do this even if the command prompt windows just showed you a message stating that the application has been successfully signed? Yes. Because like journalists often say, \u201cIf your mother says she loves you, check it out.\u201d How? Let\u2019s find it out!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How to Verify Your Signature in Microsoft SignTool<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Nothing is perfect \u2014 and glitches and errors can happen to virtually every developer at one point or another. But when the security of your codes, organization, customers, and users are at stake, errors and glitches are things that you simply can&#8217;t afford. Call me paranoid, but as a cybersecurity professional, I\u2019ve learned to always apply the motto, \u201cI\u2019ll believe it when I see it.\u201d And this case makes no exception.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Use the following command to verify the success of your code signing signature process:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em>signtool verify \/pa \/v \u201cc:\\filepath\\myexecutable.exe\u201d<\/em>\u00a0<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Once you click <strong>enter<\/strong>, if everything went as planned, you should view the details of your code signing. This information should include info relating to the signing certificate used and the time it was officially stamped.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"761\" height=\"574\" src=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-code-signing-verification.png\" alt=\"A screenshot of the Windows Command Prompt that shows the digital signature verification information\" class=\"wp-image-7639\" srcset=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-code-signing-verification.png 761w, https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-code-signing-verification-300x226.png 300w, https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/cmd-prompt-code-signing-verification-87x67.png 87w\" sizes=\"(max-width: 761px) 100vw, 761px\" \/><figcaption> <em>Image caption: The executable has been signed successfully. Can you see all the details about the certificate used and its time stamping?\u00a0<\/em> <\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Did you know that your customers and users can also check this very information? They can do this simply by:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Right-clicking on the icon of the signed executable or application.<\/li><li>Selecting <strong>properties<\/strong>.<\/li><li>Click on the <strong>Digital Signatures<\/strong> tab.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Isn&#8217;t it cool?<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"783\" height=\"505\" src=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/vmware-software-digital-signature.jpg\" alt=\"A side-by-side set of screenshots that show the digital signature information for VMware software\" class=\"wp-image-7640\" srcset=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/vmware-software-digital-signature.jpg 783w, https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/vmware-software-digital-signature-300x193.jpg 300w\" sizes=\"(max-width: 783px) 100vw, 783px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Image caption: This image shows what everyone downloading your signed executable or application will be able to see.<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Microsoft SignTool Options<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">When I started signing executables with Microsoft SignTool, I didn\u2019t know this small command line tool had also some awesome options. The following ones are my favorite:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong><em>\/d.<\/em><\/strong> It enables you to add a description to your executable or application. I find it very useful when I want to make the difference between the released version and the test one (e.g., <em>\/d \u201ctest code\u201d)<\/em>.<\/li><li><strong><em>\/du.<\/em><\/strong> With this one, you can add a specific URL to your executable or application description. I often used it when I wanted to add a link to the code\u2019s project page or to any detailed information related to the signed code (e.g., <em>\/du <\/em><em>https:\/\/your_Confluence_page.tld\/project\/description<\/em>).<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">But there are more that can also be pretty useful. In fact, if you go back and check the script we used as the example on how to sign the executable, you\u2019ll be able to recognize some of them:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>\/a.<\/strong> In business, every second counts. Therefore you may want to automate as many tasks as possible. By adding this option to your script, the best code signing certificate will be automatically selected for you from those available in your Windows Certificate Store.<\/li><li><strong>\/fd.<\/strong> This command lets you specify the file digest algorithm you want to use to create your signature file. At the time of writing this article, the recommended hashing algorithm is SHA256 (e.g., <em>\/fd SHA256<\/em>).<\/li><li><strong><em>\/n<\/em><\/strong>. Do you have multiple code signing certificates and want to select a specific code signing certificate? You may want to use this option rather than <em>a\/<\/em> followed by the certificate\u2019s common name (e.g., <em>\/n \u201cyour code signing certificate common name\u201d).<\/em><\/li><li><strong><em>\/tr<\/em><\/strong><em>. <\/em>As we already know, time stamping is important. This option will enable you to specify an <a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc3161\">RFC 3161<\/a>-compliant trusted time stamp server.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Isn\u2019t it sweet? These are just a few examples of <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/win32\/seccrypto\/signtool\">all the numerous<\/a><a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/win32\/seccrypto\/signtool\"> options<\/a> you can use when signing executables with this little but grand command line tool.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Final Thoughts on How to Sign an Exe or Application<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Have you ever thought that the process for signing executables was so straightforward? Four easy steps, that\u2019s all that it takes.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Install Microsoft SignTool, open a command prompt, get to the right directory and run the script to sign your executable. Doing this, you\u2019ll:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Add an extra layer of security to your application\u2019s installation process.<\/li><li>Prove that your application is legitimate (i.e., it\u2019s authentic because you\u2019re the one who signed it).<\/li><li>Guarantee the integrity of your application (i.e., users and operating systems will know no one has tampered with it since you signed it).<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Give a real boost to your customers\u2019 trust and increase the number of downloads. And remember, even one unsigned (therefore unprotected) executable or application can cause a widespread security incident.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Can\u2019t wait to launch your latest application? Learn how properly signing executables helps you secure your organization\u2019s most valuable assets in just four easy steps A few decades ago, building customer trust was much easier for a business thanks to face-to-face interaction. Today, in an increasingly remote world \u2014 one that relies heavily on codes<\/p>\n","protected":false},"author":8,"featured_media":7642,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[21,733],"class_list":["post-7633","post","type-post","status-publish","format-standard","has-post-thumbnail","category-ssl-pki","tag-code-signing","tag-how-to-sign-an-exe"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Code Signing 101: How to Sign an Exe or Application<\/title>\n<meta name=\"description\" content=\"We&#039;ll walk you through how to sign an exe in four easy steps using Microsoft SignTool in the Windows Command Prompt.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Code Signing 101: How to Sign an Exe or Application\" \/>\n<meta property=\"og:description\" content=\"We&#039;ll walk you through how to sign an exe in four easy steps using Microsoft SignTool in the Windows Command Prompt.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/\" \/>\n<meta property=\"og:site_name\" content=\"Savvy Security\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cheapsslsecurities\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-21T18:24:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-07-21T18:24:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/how-to-sign-an-exe-feature.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"1000\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Savvy Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@sslsecurity\" \/>\n<meta name=\"twitter:site\" content=\"@sslsecurity\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Savvy Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/\"},\"author\":{\"name\":\"Savvy Security\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ce9a5743b7f25b5be6e4972864b4493\"},\"headline\":\"Code Signing 101: How to Sign an Exe or Application\",\"datePublished\":\"2022-07-21T18:24:00+00:00\",\"dateModified\":\"2022-07-21T18:24:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/\"},\"wordCount\":1612,\"image\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/how-to-sign-an-exe-feature.jpg\",\"keywords\":[\"Code Signing\",\"How to Sign an Exe\"],\"articleSection\":[\"SSL &amp; PKI\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/\",\"url\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/\",\"name\":\"Code Signing 101: How to Sign an Exe or Application\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/how-to-sign-an-exe-feature.jpg\",\"datePublished\":\"2022-07-21T18:24:00+00:00\",\"dateModified\":\"2022-07-21T18:24:01+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ce9a5743b7f25b5be6e4972864b4493\"},\"description\":\"We'll walk you through how to sign an exe in four easy steps using Microsoft SignTool in the Windows Command Prompt.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/#primaryimage\",\"url\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/how-to-sign-an-exe-feature.jpg\",\"contentUrl\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/how-to-sign-an-exe-feature.jpg\",\"width\":1600,\"height\":1000},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/code-signing-101-how-to-sign-an-exe-or-application\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Code Signing 101: How to Sign an Exe or Application\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/\",\"name\":\"Savvy Security\",\"description\":\"Practical cybersecurity advice\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ce9a5743b7f25b5be6e4972864b4493\",\"name\":\"Savvy Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g\",\"caption\":\"Savvy Security\"},\"description\":\"Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24\\\/7 security teams.\",\"sameAs\":[\"blogadmin\"],\"url\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/author\\\/blogadmin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Code Signing 101: How to Sign an Exe or Application","description":"We'll walk you through how to sign an exe in four easy steps using Microsoft SignTool in the Windows Command Prompt.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/","og_locale":"en_US","og_type":"article","og_title":"Code Signing 101: How to Sign an Exe or Application","og_description":"We'll walk you through how to sign an exe in four easy steps using Microsoft SignTool in the Windows Command Prompt.","og_url":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/","og_site_name":"Savvy Security","article_publisher":"https:\/\/www.facebook.com\/cheapsslsecurities","article_published_time":"2022-07-21T18:24:00+00:00","article_modified_time":"2022-07-21T18:24:01+00:00","og_image":[{"width":1600,"height":1000,"url":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/how-to-sign-an-exe-feature.jpg","type":"image\/jpeg"}],"author":"Savvy Security","twitter_card":"summary_large_image","twitter_creator":"@sslsecurity","twitter_site":"@sslsecurity","twitter_misc":{"Written by":"Savvy Security","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/#article","isPartOf":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/"},"author":{"name":"Savvy Security","@id":"https:\/\/cheapsslsecurity.com\/blog\/#\/schema\/person\/1ce9a5743b7f25b5be6e4972864b4493"},"headline":"Code Signing 101: How to Sign an Exe or Application","datePublished":"2022-07-21T18:24:00+00:00","dateModified":"2022-07-21T18:24:01+00:00","mainEntityOfPage":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/"},"wordCount":1612,"image":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/#primaryimage"},"thumbnailUrl":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/how-to-sign-an-exe-feature.jpg","keywords":["Code Signing","How to Sign an Exe"],"articleSection":["SSL &amp; PKI"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/","url":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/","name":"Code Signing 101: How to Sign an Exe or Application","isPartOf":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/#primaryimage"},"image":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/#primaryimage"},"thumbnailUrl":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/how-to-sign-an-exe-feature.jpg","datePublished":"2022-07-21T18:24:00+00:00","dateModified":"2022-07-21T18:24:01+00:00","author":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/#\/schema\/person\/1ce9a5743b7f25b5be6e4972864b4493"},"description":"We'll walk you through how to sign an exe in four easy steps using Microsoft SignTool in the Windows Command Prompt.","breadcrumb":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/#primaryimage","url":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/how-to-sign-an-exe-feature.jpg","contentUrl":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2022\/07\/how-to-sign-an-exe-feature.jpg","width":1600,"height":1000},{"@type":"BreadcrumbList","@id":"https:\/\/cheapsslsecurity.com\/blog\/code-signing-101-how-to-sign-an-exe-or-application\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cheapsslsecurity.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Code Signing 101: How to Sign an Exe or Application"}]},{"@type":"WebSite","@id":"https:\/\/cheapsslsecurity.com\/blog\/#website","url":"https:\/\/cheapsslsecurity.com\/blog\/","name":"Savvy Security","description":"Practical cybersecurity advice","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cheapsslsecurity.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/cheapsslsecurity.com\/blog\/#\/schema\/person\/1ce9a5743b7f25b5be6e4972864b4493","name":"Savvy Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g","caption":"Savvy Security"},"description":"Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24\/7 security teams.","sameAs":["blogadmin"],"url":"https:\/\/cheapsslsecurity.com\/blog\/author\/blogadmin\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/posts\/7633","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/comments?post=7633"}],"version-history":[{"count":0,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/posts\/7633\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/media\/7642"}],"wp:attachment":[{"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/media?parent=7633"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/categories?post=7633"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/tags?post=7633"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}