Skip to main content

Sign with DigiCert​​®​​ Click-to-sign

DigiCert Click-to-sign is a DigiCert​​®​​ KeyLocker client tool that provides Windows customers with a simple UI-based signing workflow that does not require use of the DigiCert​​®​​ KeyLocker command line interface. After you specify your signing preferences in the DigiCert Click-to-sign installation wizard, you simply need to right-click on a file or folder to sign.

Tip

Click-to-sign does not sign file names with specific characters, review the following:

  • Supported characters: @ % ^ ( ) - _ = [ ] { } ;

  • Unsupported characters: | ` $ > < # ! ' & +.

To avoid errors, remove unsupported characters from file names before attempting to sign.

DigiCert​​®​​ Click-to-sign relies on Signing Manager Controller (SMCTL) and PKCS#11 library to sign.

Note

These client tools must be stored in the C:\Program Files\DigiCert\DigiCert KeyLocker Tools\ folder to be used by DigiCert Click-to-sign.

Prerequisites

Set PATH environment variable

Operating systems use the environment variable called PATH to determine where executable files are stored on your system. Use the PATH environment variable to store the file path to your DigiCert Keylocker Tools to ensure that the DigiCert​​®​​ Click-to-sign can reference these tools.

You can set the PATH environment variable to DigiCert Keylocker Tools using command line or environment variables.

To set the path to your signing tools via command line:

  1. Run:

    set PATH=%path%;<Path to DigiCert Keylocker Tools folder>

    Command sample:

    set PATH=%path%;C:\\Program Files\\DigiCert\\DigiCert Keylocker Tools

  2. To verify that the tool has been integrated run the following command in SMCTL:

    smctl healthcheck --tools

To set the path to your signing tools for your system or account:

  1. Search for environment variables in the Windows start menu.

  2. Select Edit environment variables for your account or Edit system environment variables.

  3. Double click on the Path variable.

  4. Click New.

  5. Select Browse.

  6. Provide the path to DigiCert Keylocker Tools: C:\Program Files\DigiCert\DigiCert Keylocker Tools

  7. Click OK to save the path.

  8. Click on OK to close the dialog.

Sign now

To sign immediately using the default settings you selected during the configuration:

  1. Right-click on the file you want to sign.

  2. Select DigiCert​​®​​ Click-to-sign > Sign now.

Review and sign

To review the file or folder selected for signing and the default settings before signing:

  1. Right-click on the file you want to sign.

  2. Select DigiCert​​®​​ Click-to-sign > Review and sign.

  3. Review the selected file and default settings.

  4. Select Sign.

Change default settings

To update your default user credentials, signing algorithm, timestamp settings, and certificate:

  1. Right-click on the file.

  2. Select DigiCert​​®​​ Click-to-sign > Settings.

  3. Change your preferences.

  4. Select Save.

In this section: