Test Microsoft SignTool commands

this section demonstrates two microsoft signtool commands ( signtool sign and signtool verify ) the signtool sign command applies specifically to this integration because it is the only signtool command that initiates communication with the kmes series 3 signtool must be able to access the private key that is stored on the kmes to complete the code signing operation successfully sign a file using the configured code signing certificate the following example signs an exe file, but you can sign other types of files by using signtool refer to the following url for details https //docs microsoft com/en us/windows/win32/seccrypto/cryptography tools https //docs microsoft com/en us/windows/win32/seccrypto/cryptography tools open the windows command prompt and run the following command (replace mycertificate with the subject name of your certificate and example exe with the name of the file that you are signing) signtool sign /sm /fd sha256 /s my /n "mycertificate" example exe if the command succeeds, you see the following message done adding additional store successfully signed example exe verify the file that was signed to verify the file that was signed, run the following command signtool verify /pa example exe if the command succeeds, you see the following message file example exe index algorithm timestamp \======================================== 0 sha1 none successfully verified example exe