Table of contents
Collapse the table of content
Expand the table of content

Signing a Catalog File with a Commercial Release Certificate

Last Updated: 7/30/2016

Use the following SignTool command to sign the catalog file of a kernel-mode driver package with a commercial release certificate.

Note For 32-bit versions of Windows Vista and later versions of Windows, only a commercial release certificate can be used to sign kernel-mode drivers to be released on these Windows versions.

SignTool sign /v /s CertificateStore /n CertificateName /t


  • The sign command configures SignTool to sign the catalog file

  • The /v verbose option configures SignTool to print execution and warning messages.

  • The /sCertificateStore option specifies the name of the certificate store that contains the CertificateName certificate. Follow the instructions of the certification authority (CA) that issued the certificate on how to install the certificate in the system certificate stores.

  • The /nCertificateName option specifies the name of the certificate in the CertificateStore certificate store.

  • The /t option supplies the URL to the publicly-available time-stamp server that VeriSign provides.

  • is the name of the catalog file.

© 2016 Microsoft