Files Editing Features > Sign Files

Sign Files tool allows to sign digitally your files on disk.
To sign files please click on the Sign button located at Main toolbar > Tools tab  > Tools group

 

Files signing is a mechanism whereby publishers of software and content can use a certificate-based digital signature to verify their identities to users of the code, thus allowing users to decide whether or not to install it based on whether they trust the publisher. Files signing has been touted as a major security feature.
The advantage of using signed files is that users can know, before they install software programs and active content (such as ActiveX or other document files) whether the code/file is trustworthy.

Please note that not all files in your computer may be signed, only executable ones such as: .exe, .dll , .ocx etc
To use this tool you must have your certificate files issued to you by some of the certificate authority companies like VeriSign, Comodo etc

 

At the main software ribbon bar new page with signing commands will be shown:
 

 

 

Sign

Click this button to sign digitally selected file in current File Browser

 

Description

Here you can enter the description of your digital certificate. It may be your name or your company name.

This description will appear when user will try to open your files for example after downloading :

 

Password

Here you can enter the password of your digital certificate. The password must be the same as supplied when obtaining a certificate from a certificate issuer.

 

Url

Here you can enter the Url, an Internet address of your certificate. It may be address to your web site

The description of your digital certificate will have a link to this address, you can see it in the Description sample picture above.

 

Private Key

Here you can enter manually the path to your .pvk file of your issued certificate.
Also you can pick the file using files dialog Set Key

Private key file is required when you use SignCode tool

 

Certificate

Here you can enter manually the path to your certificate file of your issued certificate.
Also you can pick the file using files dialog Set Certificate

The .spc file is required when you use SignCode tool.

The .pfx file is required when you use SignTool tool.

 

Set Key

Click this button to set the path to your private key file. If you have that file already selected in File Browser then it will be set at once, if not then you will be prompted to select a file with file dialog window.

 

Set Certificate

Click this button to set the path to your certificate file. If you have that file already selected in File Browser then it will be set at once, if not then you will be prompted to select a file with file dialog window.

 

Tool

To sign your files Sprintbit File Manager can use one of two tools provided by Windows operating system

SignTool.exe or SignCode.exe

If you do not have them installed on your system then tools are available as part of the Windows SDK, which you can download from
http://go.microsoft.com/fwlink/?linkid=84091.

They both accomplish the same thing -- files signing. The principal difference is that signcode requires the private key and software publisher certificate to be in two separate files (.pvk, .spc).

The more modern signtool requires that they are contained in a single Personal Information Exchange (.pfx) file.

 

Close
Closes the Sign Files page

 

 

How to check if a file is digitally signed


This is actually quite simple: Right-click on the file in questions, select Properties and select the "Digital Signatures" tab. The name of the file publisher is displayed. Select the publisher and click on "Details" to find out more about the publisher.