Windows clients installer (recommended)
We recommend this approach of installing the DigiCert® KeyLocker client tools on Windows.
Easily deploy and configure all the tools and libraries you may require for signing both Microsoft and non-Microsoft files on Window using a wizard supported installation experience.
What clients are included in the installer?
The following clients will be installed:
SMCTL provides a Command Line Interface (CLI) that facilitates manual or automated private key, certificate management, and signing with or without the need for human intervention.
DigiCert Click-to-sign provides Windows customers with a simple UI-based signing workflow that does not require use of the SMCTL. After you specify your signing preferences in the DigiCert Click-to-sign installation wizard, you simply need to right-click on a file or folder to sign.
The PKCS11 library handles secure key generation, application hash signing, and associated certificate-related requirements when the signing request does not require the transportation of files and intellectual property.
KSP is a Microsoft CNG (Cryptographic: Next Generation) library-based client-side tool
The JCE library is used for signing with Jarsigner and integrates with any operating system that supports Java.
Download Windows clients installer
Sign in to DigiCert ONE.
Navigate to > Resources > Client tool repository.
Select Windows as your operating system.
Click the download icon next to clients installer.
Installation
Run Keylockertools-windows-x64.msi.
Follow the wizard to install the tools on your system.
Configure SMCTL
Select one of the four methods below to configure your environment variables for SMCTL. The most secure method is to store your API key and Client authentication certificate password in Windows Credential Manager.
Install DigiCert Click-to-sign
Run the DigiCert_Click_to_sign.msi application.
In the DigiCert Click-to-sign installation wizard, complete the following: