Share via

Email is blank when looking at the Digital Certificate on a Deployed Binary

Stephen Thomas Wheeler 26 Reputation points
2026-02-22T04:10:13.31+00:00

Recently implemented Azure ArtifactSigning for Binaries and Scripts in a devops pipeline so shipping binaries are signed. Noticed that no email address is showing in the digital signature of the binaries. I am sure that an email was added to the certificate when created. Any idea how to get the email address showing up for these signed binaries?

Artifact Signing
Artifact Signing

A fully managed end-to-end service for digitally signing code, documents, and applications. (formerly Trusted Signing)

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Divyesh Govaerdhanan 10,610 Reputation points
    2026-02-23T15:27:41.76+00:00

    Hi Stephen Thomas Wheeler,

    Welcome to Microsoft Q&A,

    Even though you enter Primary Email / Secondary Email during identity validation, Microsoft explicitly states that your email address isn’t included in the issued certificate (so Windows’ signature UI won’t have an email to display).User's image

    https://learn.microsoft.com/en-us/azure/artifact-signing/quickstart?tabs=registerrp-portal%2Caccount-portal%2Corgvalidation%2Ccertificateprofile-portal%2Cdeleteresources-portal

    There isn’t a setting to force email into the cert subject/SAN in the Artifact Signing-issued certificates.

    If you use signtool, populate the “More info” field via /du (and optionally a friendly name via /d). This gives users a verifiable contact/landing page even without an email in the cert.

    Please Upvote and accept the answer if it helps!!

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.