Navigation:  Actions > Files > Sign Code >

Sign Code Action Attributes Tab

Previous pageReturn to chapter overviewNext page

This tab of the Sign Code action specifies additional signing options.

 

Description: Specifies a name that represents the contents of the signed file (optional).

 

Signature hash algorithm: The hash/digest algorithm to use when signing (optional).  Values other than SHA1 requires signtool.exe v6.2 or later.

 

Timestamp server hash algorithm: The hash/digest algorithm for the timestamp server to use (optional, applies only for sign and timestamp commands).  If a value other than SHA1 is specified, you must use an RFC 3161 timestamp server (check the related option on the Sign tab) that supports SHA2 certificates.  Values other than SHA1 require signtool.exe v6.2 or later.

 

Don't sign if already signed: If checked and the file is already signed, it will leave the existing signature.  If unchecked, the file will always be signed again.

 

Retain original modification timestamp: If checked, after signing the file, its modification date+time will be restored to the value it had before signing.

 

Use Authenticode verification policy: Applies only to the Verify command.  If unchecked, uses the Windows Driver Verification Policy rather than the Authenticode Verification Policy.

 

Verify all signatures: Applies only to the Verify command.  If checked, verifies all signatures in a file that includes multiple signatures.

 

Verbose output: If checked, the information about the file's digital certificate is logged.

 

Minimal output: If checked, logs no output on successful execution and minimal output for failed execution (mutually exclusive with Verbose option).

 

Additional command-line options: This action invokes the signtool.exe command-line program to sign, timestamp, or verify a file, and this option can be used to specify additional flags to pass to the tool.

 

Override signtool executable filename: If this field is blank, the action will attempt to automatically locate signtool.exe in a Microsoft Windows SDK installation or the Visual Build Tools path.  If not found, either install the Tools option of the Microsoft Windows SDK or reinstall Visual Build and select Full installation.