Manually sign any file using a pfx file

A colleegue of mine recently build a MSI installer using some third party tool unknown to me. He kindly asked me, what he needed to do, to sign the installer using our corporate codesigning certificate.

I am used to build my installers using Visual Studio, but I remembered that I once or twice had used the SignTool.exe command line tool, to sign some files. I looked up the documentation for the tool And quickly I was able to create a command meeting my needs:

E:\VSS\USMT\MSIProject>signtool sign /f E:\VSS\CodeSigningCert\Trustzone\eg_codesigning.pfx /p mypassword /d USMTApp USMTApp.msi

Note: To me it seems rather important to remember the d options – adding a description to the installer. This will show when the user runs the isntallation package.