I'm working on a Powershell script to replicate what signtool.exe
does. I'm using it on an Installer exe.
I found that Set-AuthenticodeSignature
handles the signing of the file with a certificate, but I'm also looking for the signtool
feature that signs an ActiveX control on the file.
SignTool sign /f MyCert.pfx /t timestampURL /du "webpageURL" /d "mycompany" MyInstaller.exe
Set-AuthenticodeSignature
is able to handle the /f
and /t
parameters with -Certificate
and -TimestampServer
respectively.
So my question is, is there a cmdlet that handles the /d
and /du
?
Referencing the SignTool page:
The following command signs an ActiveX control and provides information that is displayed by Internet Explorer when the user is prompted to install the control:
SignTool sign /f MyCert.pfx /d "My Product Name" /du "http://www.example.com/my_product/info.html" MyControl.exe
SignTool is available as part of the Windows SDK, which you can download from https://developer.microsoft.com/windows/downloads/windows-10-sdk/. The Windows 10 SDK, Windows 10 HLK, Windows 10 WDK and Windows 10 ADK builds 20236 and later require specifying the digest algorithm.
What is signtool.exe? signtool.exe is a legitimate process file of Authenticode (R) – a signing and verifying tool. It is a part of Windows Operating System developed by Microsoft Corporation.
There is no equivalent for a description or a URL within the Powershell Cmdlet Set-AuthenticodeSignature
.
You can, however, still call Signtool from Powershell if having a URL is important for your product. I would approach the problem with the call operator like so:
$signString = 'Signtool.exe sign /f MyCert.pfx /d "My Product Name" /du "http://www.example.com/my_product/info.html" MyControl.exe'
& $signString
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With