Getting Started

Steps to Sign Files

1. Retrieve the Certificate Thumbprint

• Navigate to My Certificates in the Profile section of the Signotaur web interface.
• Find the required certificate, click the fingerprint icon to copy the thumbprint.
• Save the thumbprint securely for use in the command.

2. Generate an API Key

• Go to API Keys in the Profile section.
• Click Create New API Key, assign a name to the key, and save it.
• Copy the generated API key and store it in a secure location.

3. Download the Client Tool

• Click the Signotaur logo in the top-left of the interface.
• Select Download Client Tool to download SignotaurTool.exe.
• The client tool is self-contained and can be run directly without installation.

Signing Files Using the Client Tool

Once you've gathered the thumbprint and API key, you can use the SignotaurTool.exe to sign your files. Open a command prompt and enter the following command, replacing the placeholders with your specific details:

```shell SignotaurTool.exe sign --api-key --thumbprint --sign-server https://hostname:port --file-digest SHA384 --tr http://timestamp.digicert.com --td SHA256 --allow-untrusted ```

• --api-key <APIKey>: The API key you generated earlier.
• --thumbprint <CertificateThumbprint>: The thumbprint of the certificate you retrieved.
• --sign-server https://hostname:port: The URL of the Signotaur server.
• --file-digest SHA384: The digest algorithm used for the file signature (can also be SHA256 or SHA512).
• --tr http://timestamp.digicert.com: The timestamp server URL used to add a timestamp to your signature.
• --td SHA256: The timestamp digest algorithm (can also be SHA384 or SHA512).
• --allow-untrusted: Allows signing with an untrusted or self-certified certificate, use with caution.
• <PathToFilesToSign>: The path(s) to the files you wish to sign, including support for wildcards.

For more information on all the available command line parameters and their usage, refer to the full client command line documentation.