DigiCert Click-to-sign is a DigiCert® KeyLocker client tool that provides Windows customers with a simple, UI-based signing workflow that does not require using the DigiCert® KeyLocker command line interface.
After you specify your signing preferences in the DigiCert Click-to-sign installation wizard, you simply need to right-click on a file or folder to sign.
DigiCert® Click-to-sign relies on Signing Manager Controller (SMCTL) and PKCS#11 library to sign.
Note
These client tools must be stored in the C:\Program Files\DigiCert\DigiCert KeyLocker Tools\
folder to be used by DigiCert Click-to-sign.
Windows 10 operating system
.NET Framework (version 4.7 or higher)
Download and configure DigiCert® KeyLocker clients
File or folder to be signed
Operating systems use the environment variable called PATH to determine where executable files are stored on your system.
Use the PATH environment variable to store the file path to your DigiCert Keylocker Tools to ensure that the DigiCert® Click-to-sign can reference these tools.
You can set the PATH environment variable to DigiCert Keylocker Tools using command line or environment variables.
To set the path to your signing tools via the command line:
Run:
set PATH=%path%;<Path to DigiCert Keylocker Tools folder>
Command sample:
set PATH=%path%;C:\\Program Files\\DigiCert\\DigiCert Keylocker Tools
To verify that the tool has been integrated, run the following command in SMCTL:
smctl healthcheck --tools
To set the path to your signing tools for your system or account:
Search for environment variables in the Windows start menu.
Select Edit environment variables for your account or Edit system environment variables.
Double click on the Path variable.
Select New.
Select Browse.
Select the path to the signing tool:
Signtool 64-bit path example: C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64
Signtool 32-bit path example: C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86
Jarsigner path example: C:\Program Files\Java\jdk-17\bin\
Apksigner path example: C:\build-tools\31.0.0
Select OK to save the path.
Select OK to close the dialog.
To sign immediately using the default settings you selected during the configuration:
Right-click on the file you want to sign.
Select DigiCert® Click-to-sign > Sign now.
To review the file or folder selected for signing and the default settings before signing:
Right-click on the file you want to sign.
Select DigiCert® Click-to-sign > Review and sign.
Review the selected file and default settings.
Select Sign.
To update your default user credentials, signing algorithm, timestamp settings, and certificate:
Right-click on the file.
Select DigiCert® Click-to-sign > Settings.
Change your preferences.
Select Save.