Due to requirements of specific user large enterprise environments signing of
arbitrary .exe generated by xpp compiler is doable in easy way.
Here is how:
Prerequisites are:
- Microsoft signtool.exe which is part of Microsoft SDK (32 bit) and is
available as free download from Microsoft
- a certificate in pfx form either supplied by end organisation or own issued
by certificate autjh (not self generated)
Here is call with a certificate, protected by awesomepassword and using Comodo
CA timestimemp server (SHA-1 timestamp):
signtool.exe sign /f FileWithSuppliedCertificate.pfx /p awesomepassword /t
http://timestamp.comodoca.com/authenticode NameOfExecutable32bit.exe
Exe is longer for few kB, Windows 10 file property displays relevant
information under exe properties.
Works well with certificates, stored on smart cards too.