





Azure Sign Tool is an open-source utility with a SignTool feature for storing code signing certificates within Azure Key Vault. Similarly, developers even use Azure Key Vault for code signing windows files.
Hence, if you’re looking to sign windows files from the Windows Command line using a code signing certificate and private key stored within Azure Key Vault, then you’re reading the right article, as we will discuss the same.
But, before you begin code signing, you’ll require to follow certain perquisites, and they’re:
Once you fulfill the abovementioned perquisites, go through the steps below to code sign a windows file with a code signing certificate stored within an Azure Key Vault.
Register a new Azure application so you can further connect it with the Key Vault for code signing it:
Now, you’ll require to generate a client secret, which will provide a credential at the time of code signing. For the same, follow the below steps:
Now, you’ll need to enable access to your application within Microsoft Azure Key Vault and for that, follow the below steps:
Go to the Key Vault that contains the code signing certificate you want to use for the code signing windows file. And then click the link named Access policies.
Once you complete the above steps, you can code sign windows file. And for code signing, follow the below-mentioned steps. But before you begin code signing, ensure the below information is readily available:
azuresigntool sign -kvu Key-VAULT-URI -kvc CERTIFICATE-NAME -kvi APPLICATION-CLIENT-ID
-kvs CLIENT-SECRET -tr http://ts.domain.com/ -td sha256 PATH-TO-EXECUTABLE
If your code signing is correct, you’ll be able to see the output like below:
info: AzureSignTool.Program[0]
==> File: test.exe
Signing file test.exe
info: AzureSignTool.Program[0]
==> File: test.exe
Signing completed successfully for file test.exe
info
PS C:\Users\Code Sign\Desktop>
Further, if the code signing process isn’t correct, you’ll not get any output.
Lastly, you’ll be able to see code signing details from the file properties.
Name of Product | Validation Needs | Issuance Time | Our Price |
---|---|---|---|
DigiCert OV Code Signing | Business | 1-5 Days | $369.99/yr |
DigiCert EV Code Signing | Business | 1-5 Days | $519.99/yr |