|
Option
|
Description
|
| -$ authority | Specifies the signing authority of the certificate, which must be either individual or commercial. By default, Signcode.exe uses the certificate's highest permission. |
| -a algorithm | Specifies the hashing algorithm for signing, which must be either md5 (the default) or sha1. |
| -c file | Specifies the file that contains the encoded software publishing certificate. |
| -cn name | Specifies the common name of the certificate. |
| -i info | Specifies a place to get more information on content (usually a URL). |
| -j dllName | Specifies the name of a DLL that returns an array of authenticated attributes for signing files. You can specify more than one DLL by repeating the -j option. |
| -jp param | Specifies a parameter to be passed for the preceding DLL. For example: -j dll1 -jp dll1Param. The tool allows only one parameter per DLL. |
| -k keyname | Specifies the key container name. |
| -ky keytype | Specifies the key type, which must be signature, exchange, or an integer (such as 4). |
| -n name | Specifies a text name that represents the content of the file to sign. |
| -p provider | Specifies the name of the cryptographic provider on the system. |
| -r location | Specifies the location of the certificate store in the registry, which must be either currentuser (the default) or localmachine. |
| -s store | Specifies the certificate store that contains the signing certificate. The default is my store. |
| -sha1 thumbprint | Specifies the thumbprint, which is the sha1 hash of the signing certificate included in the certificate store. |
| -sp policy | Sets the certificate store policy, which must be either spcStore (the default) or chain. If you specify chain, all certificates in the verification chain, including self-signed certificates, are added to the signature. If you specify spcStore, trusted, self-signed certificates are not included with the certificates in the chain that are added to the signature. |
| -spc file | Specifies the SPC file that contains software publishing certificates. |
| -t URL | Indicates that the file is to be timestamped by the timestamp server at the specified http address. |
| -tr number | Specifies the maximum number of timestamp trials until success; defaults to 1. |
| -tw number | Specifies the delay (in number of seconds) between each timestamp trial. Defaults to 0. |
| -v pvkFile | Specifies the private key (.pvk) file name that contains the private key. |
| -x | Timestamps, but does not sign, the file. |
| -y type | Specifies the cryptographic provider type to use. A cryptographic provider contains implementations of cryptographic standards and algorithms. For a list of the default provider types, see "Microsoft Cryptographic Service Providers" in the Platform SDK. |
| -? | Displays command syntax and options for the tool. |