Code Signing Your Winqual.exe File

Because DigiCert’s standard code signing and EV code signing certificates are accepted by Microsoft, you can use them to sign code and your winqual.exe file before you upload the winqual.exe file to the Windows Dev Center.

Signing the Winqual.exe File Using the DigiCert Certificate Utility

After you install your code signing certificate or activate your EV codes signing token, you can use the DigiCert® Certificate Utility for Windows to sign your code and your winqual.exe file.

• If you have not yet ordered your Code Signing Certificate, see Code Signing Certificates.

• If you have not yet installed your DigiCert® Code Signing Certificate, see Install Code Signing Certificates from DigiCert.

• If you have not yet activated your EV code signing token, see Activate Your EV Code Signing Hardware.

After installing your DigiCert Code Signing Certificate on your Windows server or workstation or activating your DigiCert EV Code Signing Certificate, you can then use the DigiCert® Certificate Utility for Windows to sign your winqual.exe.
See How to Sign Your Winqual.exe File with the DigiCert Certificate Utility.

You can also use the DigiCert Certificate Utility to check your winqual.exe file's signature.
See How to Check Your Winqual.exe File's Signature

How to Sign Your Winqual.exe File with the DigiCert Certificate Utility

1. If you are using an EV Code Signing Certificate, plug in your token/device now.

2. On your Windows server or workstation, download and extract the winqualexe.zip from http://go.microsoft.com/fwlink/?LinkId=393250.

3. Next, download and save the DigiCert® Certificate Utility for Windows executable (DigiCertUtil.exe).

4. Run the DigiCert® Certificate Utility for Windows.

   Double-click DigiCertUtil.

5. In the DigiCert Certificate Utility for Windows©, click Code Signing (blue and silver shield), select the Code Signing or EV Code Signing Certificate that you want to use to sign your code, and then, click Sign Files.

   If you do not see your EV Code Signing Certificate, plug in your token now.

   

6. In the Code Signing window, click Add Files and then browse to and select the winqual.exe file that you want to sign.

   

7. Next, check Add a timestamp to the signature if you want to time stamp your signature.

   • To add a timestamp, you must be connected to the Internet.

   • Adding a timestamp allows your signature to remain valid after the Code Signing Certificate has expired, as long has the code remains unchanged.

8. Finally, click Sign.

9. When you receive the “All the files have been successfully signed” message, click OK.

   

10. Congratulations, you should now have a freshly signed winqual.exe file, ready to upload to the Microsoft Windows Dev Center!

How to Check Your File's Signature

1. In the DigiCert Certificate Utility for Windows©, click Code Signing (blue and silver shield).

   

2. Next, click Check Signature to select and open the Winqual.exe file whose signature you want to check.

3. In the Code Singed Signature Check window, you should see a green checkmark for “The file is signed and the signature was verified”.

   If you checked Add a timestamp to the signature, you should also see a green checkmark for “The signature was time stamped by DigiCert Inc on 'Date and Time'”.