Import certificates into Windows Certificate Store

This section explains how to import the code-signing certificate (which Microsoft SignTool uses to sign files) and the CA certificates that issued the code-signing certificate into the Windows certificate store.

Import the CA certificates

Perform the following steps to import the CA certificates:

In Windows, open the Manage computer certificates application.

Right-click the Trusted Root Certificate Authorities certificate store, and select All Tasks > Import.

Select the Local Machine store if it’s not already selected. Select [ Next ].

Select [ Browse ] and find and select all the CA certificates (one or more) that signed the code-signing certificate you need for SignTool.

Select the option that puts all certificates in the Trusted Root Certificate Authorities store and select [ Next ].

Select [ Finish ].

Import the code-signing certificate

Perform the following steps to import the code-signing certificate:

In Windows, open the Manage computer certificates application.

Right-click the Personal certificate store and select All Tasks > Import.

Select the Local Machine store if it’s not already selected. Select [ Next ].

Select [ Browse ] and find and select the code-signing certificate that you need for SignTool. Select [ Next ].

Select the option that puts all certificates in the Personal store and select [ Next ].

Select [ Finish ].

⌘I

​Import the CA certificates

​Import the code-signing certificate

Import the CA certificates

Import the code-signing certificate