![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 92%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW%3C/text%3E%3C/svg%3E)
2,854 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 11%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHL%3C/text%3E%3C/svg%3E)
Hi,@Wally96333 . Welcome to Microsoft Q&A Forum.
To sign your WPF application for distribution, you'll need a code signing certificate. Here are the steps to obtain a code signing certificate and sign your binaries:
1.Obtain a Code Signing Certificate:
You have a few options for obtaining a code signing certificate:
Purchase from a Commercial Certificate Authority (CA):
There are several well-known CAs that issue code signing certificates. Examples include DigiCert, Sectigo, GlobalSign, and others.
Visit the website of a CA, navigate to their SSL/TLS certificates section, and look for code signing certificates.
Use a Certificate from a Trusted CA:
Some development tools come with a test certificate that is automatically trusted by most systems. However, these certificates are not suitable for distributing commercial software.
2.Generate or Acquire the Certificate:
After obtaining a code signing certificate, you may need to generate a key pair (private key and public key). The process can vary depending on the CA and the tool you are using. Typically, the CA provides instructions for obtaining and installing the certificate.
3.Sign Your WPF Application:
Once you have the code signing certificate, you could use a tool like signtool (included in the Windows SDK) to sign your WPF application. Open a command prompt and use a command similar to the following:
4.Timestamping:
Including a timestamp (/t) is recommended as it ensures that the signature remains valid even after the certificate expires. It's especially important for long-term software distribution.
5.Distribute Your Application:
After signing your binaries, you could distribute your WPF application. Users will see that your application is signed, which can help establish trust and prevent warning messages during installation.
Please refer to the documentation of the CA you choose for specific instructions on obtaining and using a code signing certificate. Additionally, check the documentation for the signtool utility for detailed information about its usage.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
