Skip to main content

Sign with DigiCert​​®​​ Click-to-sign

DigiCert Click-to-sign is a DigiCert​​®​​ KeyLocker client tool that provides Windows customers with a simple, UI-based signing workflow that does not require using the DigiCert​​®​​ KeyLocker command line interface.

After you specify your signing preferences in the DigiCert Click-to-sign installation wizard, you simply need to right-click on a file or folder to sign.

DigiCert​​®​​ Click-to-sign relies on Signing Manager Controller (SMCTL) and PKCS#11 library to sign.

Note

These client tools must be stored in the C:\Program Files\DigiCert\DigiCert KeyLocker Tools\ folder to be used by DigiCert Click-to-sign.

Prerequisites

Set PATH environment variables

Operating systems use the environment variable called PATH to determine where executable files are stored on your system.

Use the PATH environment variable to store the file path to your DigiCert Keylocker Tools to ensure that the DigiCert​​®​​ Click-to-sign can reference these tools.

You can set the PATH environment variable to DigiCert Keylocker Tools using command line or environment variables.

To set the path to your signing tools via the command line:

  1. Run:

    set PATH=%path%;<Path to DigiCert Keylocker Tools folder>
    

    Command sample:

    set PATH=%path%;C:\\Program Files\\DigiCert\\DigiCert Keylocker Tools
    
  2. To verify that the tool has been integrated, run the following command in SMCTL:

    smctl healthcheck --tools

To set the path to your signing tools for your system or account:

  1. Search for environment variables in the Windows start menu.

  2. Select Edit environment variables for your account or Edit system environment variables.

  3. Double click on the Path variable.

  4. Select New.

  5. Select Browse.

  6. Select the path to the signing tool:

    • Signtool 64-bit path example: C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64

    • Signtool 32-bit path example: C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86

    • Jarsigner path example: C:\Program Files\Java\jdk-17\bin\

    • Apksigner path example: C:\build-tools\31.0.0

  7. Select OK to save the path.

  8. Select OK to close the dialog.

Sign now

To sign immediately using the default settings you selected during the configuration:

  1. Right-click on the file you want to sign.

  2. Select DigiCert​​®​​ Click-to-sign > Sign now.

Review and sign

To review the file or folder selected for signing and the default settings before signing:

  1. Right-click on the file you want to sign.

  2. Select DigiCert​​®​​ Click-to-sign > Review and sign.

  3. Review the selected file and default settings.

  4. Select Sign.

Change default settings

To update your default user credentials, signing algorithm, timestamp settings, and certificate:

  1. Right-click on the file.

  2. Select DigiCert​​®​​ Click-to-sign > Settings.

  3. Change your preferences.

  4. Select Save.

Publication date: