Simplify Certificate Management and Installation on Windows Servers

The DigiCert Certificate Utility for Windows is an invaluable tool for anyone that manages SSL and Code Signing Certificates. As a Certificate Authority and leader in digital certificate support, DigiCert created this tool to specifically target our customer's pain points.

With features like automatic CSR creation and SSL Certificate installation, easy code signing, and certificate troubleshooting and management you're probably thinking "how much does this tool cost?" Luckily DigiCert created this utility to make managing digital certificates easier—so we let you download it for free. And you don't have to be a DigiCert customer to use it. Our goal is to provide a great utility, not force you to buy certificates from us.


About the Certificate Utility

Easily Sign Files and Batches of Code

Formerly, signing your software with a code signing certificate was an arcane and time-consuming process. Depending on the code you were signing, you would need to research how to sign the code, track down all the necessary assets, and labor through a clunky command line process. Fortunately, DigiCert’s utility for Windows turns this process into a smooth and easy procedure. Simply open the utility, navigate to the file you want to sign, and click a button. If you are signing a piece of kernel code, the utility can automatically ensure that the correct intermediate certificates are being used, saving you from the frustrating troubleshooting that can result from broken certificate chains. After signing your code, the utility can verify if it was signed correctly and let you know what certificates were used. It can also give you information about the time stamp and whether any errors occurred during the process.

Painless Troubleshooting and Management

Unless you work with certificates every day, managing them on Windows servers isn't easy. Root certificates, intermediate certificates, private keys... the list goes on. Sometimes it can feel like you have to do brain surgery on your server to fix a certificate problem. But with this utility you can manage, troubleshoot, and fix the certificates on your server—all without opening command prompt to run special certutil commands or dig through the MMC Certificate Snap-in!

One-Click CSR Generation and Certificate Installation

Like most people who deal with SSL Certificates, DigiCert knows that the CSR creation and installation process is a hassle. That’s why we added automated CSR generation and certificate installation features to our utility. After you buy a certificate and it's validated, download the utility and log in using your regular account credentials. Then click Install. The utility will create the private key and CSR, send the CSR to DigiCert, issue the certificate, and install the issued certificate. It’s that easy.

Please note that though this tool can be used by anyone, the CSR generation and certificate installation features are only available to DigiCert customers.

Buy DigiCert Certificates Now


The DigiCert Certificate Utility lets you:

  • Create a private key and CSR, send the CSR to DigiCert, issue the certificate, and install the issued certificate in just one click
  • Generate and upload a CSR before a certificate is validated
  • Install certificates that already have CSRs in one click
  • Track the status of pending orders and view the associated SANs for each certificate
  • See all of the SSL Certificates installed on your server
  • View details for each certificate
  • Copy SSL Certificates between servers
  • Renew SSL Certificates
  • Fix intermediate certificate problems
  • Edit your certificate's friendly name
  • Show the SSL Certificate chain that a server is sending to clients (great for internal networks)
  • Install a certificate to a pending request
  • Test a certificate's private key and revocation status
  • Delete old certificates and stay organized
  • Sign or re-sign multiple pieces of code in just one step
  • Sign code with the click of a button
  • Automatically check to make sure the correct certificate is being used for kernel-mode signing
  • Prevent broken certificate chains
  • Verify signed code
  • Check for errors during the code signing process
  • Look at time stamp information
  • Repair a certificate that is not associated correctly to a private key
  • Run the code signing portion of the utility through a command prompt


Q: How Can I Tell It's Really from DigiCert?
ANSWER: View the Code Signing Certificate and verify that the DigiCert Certificate Utility is really from DigiCert.
  1. After you download the DigiCert® Certificate Utility for Windows, right-click DigiCertUtil.exe and click Properties.
  2. In the DigiCertUtil.exe Properties window, on the Digital Signatur tab, you should see a signature from DigiCert, Inc.
  3. Select DigiCert, Inc., and then click Details.
  4. In the Digital Signature Details window, click View Certificate.
  5. The Code Signing Certificate in the DigiCert Certificate Utility should be issued to DigiCert, Inc. and issued by DigiCert.
Q: Do You Plan to Add More Features?
ANSWER: Yes! We add new functionality all the time. If you are a customer of ours and have ideas for new features, let us know. We are happy to integrate additional features into our tools.
Q: Does DigiCert Offer Any Other Free Tools?
ANSWER: Yes! Below are a few more free DigiCert tools:
Q: What if I Find a Bug or Have a Suggestion?
ANSWER: Send an email to We'd love to hear from you! Or, just pick up the phone and give us a call. Our customer support is available 24/7.