Signotaur Client Tool

SignotaurTool.exe is a command-line utility designed to sign files using the Signotaur service. The tool provides functionality for file signing, timestamping, and verification.

Installation

By default, the installer places the client tool in the following directory:

%Program Files%\VSoft Technologies\Signotaur\ClientTool

Alternatively, you can download SignotaurTool.exe directly from the Signotaur server home page. The tool is distributed as a self-contained executable, allowing it to be copied and used on any system without requiring additional dependencies or installation steps.

Key Features

  • File Signing: Sign files with a certificate securely stored on the Signotaur server.
  • Timestamping: Apply a trusted timestamp to signatures for long-term validity.
  • Verification: Validate existing digital signatures to ensure integrity and authenticity.
  • Batch Processing: Support for signing, timestamping, and verifying multiple files at once without requiring user interaction.

Usage

Run the tool from the command line using the following syntax:

SignotaurTool.exe [options] <COMMAND>

Global Options

  • --help
    Displays help information, including usage instructions and available commands.

Commands

sign

Signs one or more files using a certificate stored on the Signotaur server. This command can optionally also timestamp and verify the signatures. For details about parameters and options, see the Sign Command Documentation.

Example:

SignotaurTool.exe sign -a <APIKey> -s <SignServer> -t <Thumbprint> --tr <TimeStampServer> --td SHA256 file1.exe file2.dll

timestamp

Adds a timestamp to an existing digital signature on one or more files. For more details, see the Timestamp Command Documentation.

Example:

SignotaurTool.exe timestamp --tr <TimeStampServer> --fb <FallbackTimeStampServer> --fb <FallbackTimeStampServer2>  --td SHA256 file1.exe file2.dll

verify

Verifies the integrity and authenticity of an existing digital signature on one or more files. For detailed usage, see the Verify Command Documentation.

Example:

SignotaurTool.exe verify file1.exe file2.dll

Additional Resources

  • Migrating from Signtool to SignotaurTool: Learn how to transition from using Microsoft's signtool.exe to SignotaurTool.exe.

Troubleshooting

If you encounter issues, ensure the following:

  1. The Signotaur service is running and accessible.
  2. The correct credentials and permissions are configured for accessing the Signotaur server.
  3. Files to be signed are not in use or locked by another application.
  4. If you are using a self-signed certificate on the server, ensure that are specifying the --allow-untrusted option on the command line.

System Requirements

  • Operating System: Windows 10 or Windows Server 2016 (or later)
  • Network: Access to the Signotaur server.