The following command adds the catalog file MyCatalogFileName.cat to the system component and driver database. The /v option generates a unique name if necessary to prevent replacing an existing catalog file named MyCatalogFileName.cat.
signtool catdb /v /u MyCatalogFileName.cat
The following command signs a file automatically by using the best certificate.
signtool sign /a MyFile.exe
The following command digitally signs a file by using a certificate stored in a password-protected PFX file.
signtool sign /f MyCert.pfx /p MyPassword MyFile.exe
The following command digitally signs and time-stamps a file. The certificate used to sign the file is stored in a PFX file.
signtool sign /f MyCert.pfx /t http://timestamp.verisign.com/scripts/timstamp.dll MyFile.exe
The following command signs a file by using a certificate located in the My store that has a subject name of My Company Certificate.
signtool sign /n "My Company Certificate" MyFile.exe
The following command signs an ActiveX control and provides information that is displayed by Internet Explorer when the user is prompted to install the control.
Signtool sign /f MyCert.pfx /d: "MyControl" /du http://www.example.com/MyControl/info.html MyControl.exe
The following command time-stamps a file that has already been digitally signed.
signtool timestamp /t http://timestamp.verisign.com/scripts/timstamp.dll MyFile.exe
The following command verifies that a file has been signed.
signtool verify MyFile.exe
The following command verifies a system file that may be signed in a catalog.
signtool verify /a SystemFile.dll
The following command verifies a system file that is signed in a catalog named MyCatalog.cat.
signtool verify /c MyCatalog.cat SystemFile.dll