signcode - Windows Code Signing Tool v1.1 2023-04-14

Download signcode (72 KB)

SignCode is a tool to code-sign (AuthentiCode) portable executable (PE) files.

Feature

• Sign multiple files at once
• Support wildcard characters: the asterisk (*) and question mark (?) 
• Load configuration from signcode.ini

Command Line:

signcode [options] file1 file2 ... fileN
    /n  Specify the Subject Name or SHA1 thumbprint of the signing cert
    /t  Specifies the RFC 3161 timestamp server's URL
    /v       Print verbose success and status messages

If no /n specified, will read CertName and TimeStampUrl in signcode.ini.

some available timestamp server's URL:
http://time.certum.pl
http://ts.ssl.com
http://timestamp.digicert.com
http://tsa.starfieldtech.com
http://timestamp.globalsign.com
http://timestamp.comodoca.com/rfc3161

signcode.ini Format:

[SIGNCODE]
; Certificate Subject Name or SHA1 thumprint
CertName=0ebc26dc13da9132a1e41632e63373c093094565

; Timestamp server's URL, if not specified, will not add timestamp
TimeStampUrl=http://ts.ssl.com

Examples:

// signing all .exe in current directory by certificate which SHA1 thumbprint is "Yubsoft Inc."
signcode -n 0ebc26dc13da9132a1e41632e63373c093094565 *.exe

// signing a.exe, b.exe by certificate which subject name is "Yubsoft Inc."
signcode -n "Yubsoft Inc." a.exe b.exe

// will read CertName and TimeStampUrl in signcode.ini, equivalent to:
// signcode -n 0ebc26dc13da9132a1e41632e63373c093094565 -t http://ts.ssl.com a.exe
signcode a.exe

References:

How to programmatically sign an app package (C++)