Windows clients installer (recommended)
We recommend this approach of installing the DigiCert® Software Trust Manager client tools on Windows.
Easily deploy and configure all the tools and libraries you may require for signing both Microsoft and non-Microsoft files on Window using a wizard supported installation experience.
What clients are included in the installer?
The following clients will be installed:
SMCTL provides a Command Line Interface (CLI) that facilitates manual or automated private key, certificate management, and signing with or without the need for human intervention.
The PKCS11 library handles secure key generation, application hash signing, and associated certificate-related requirements when the signing request does not require the transportation of files and intellectual property.
DigiCert® Software Trust Manager KSP is a Microsoft CNG (Cryptographic: Next Generation) library-based client-side tool
The JCE library is used for signing with Jarsigner and integrates with any operating system that supports Java.
This tool will only work if software scanner is enabled on your Software Trust Manager account. It is a Dynamic Application Security Testing (DAST) service powered by ReversingLabs to scan your software for malware, vulnerabilities, secrets, and more before releasing your software to the public.
Download Windows clients installer
Sign in to DigiCert ONE.
Navigate to DigiCert® Software Trust Manager > Resources > Client tool repository.
Select Windows as your operating system.
Click the download icon next to DigiCert® Software Trust Manager clients installer.
Installation
Run smtools-windows-64x.msi.
Follow the wizard to install the tools on your system.
Configure SMCTL
Select one of the four methods below to configure your environment variables for SMCTL. The most secure method is to store your API key and Client authentication certificate password in Windows Credential Manager.