Home Order Patches News Support

Frequently Asked Questions

  1. Where do I get a code signing certificate?
  2. Where do I get SignTool.exe?
  3. How do I create a .pfx file?


  1. Where do I get a code signing certificate?

    Comodo, Thawte, and VeriSign sell code signing certificates. Don't confuse these with their SSL certificates, which cannot be used for code signing. You can get a discount on Comodo code signing certs from K Software.

  2. Where do I get SignTool.exe?

    Even though this is a free utility, Microsoft has not made this a separate download. If you use any Microsoft development tools, you may already have it on your system (use Window's Start/Search function). Otherwise, you can install their Windows 2003 Server SDK and find it buried in there. SignTool.exe uses CapiCom.dll, which has to be in the system path or in the same folder as SignTool.exe.

  3. How do I create a .pfx file?

    Your certificate provider will give you a .pvk (private key file) and an .spc (software publisher certificate) file. Use Microsoft's Pvkimprt.exe utility to create your .pfx (personal information exchange) file. The Association of Shareware Professionals has some handy instructions. If your cert provider did not give you any files to download then your web browser likely installed it directly on your system. Use these instructions to export your pfx file.