DIGSIG.EXE
Usage
DIGSIG filespec [/nologo] [/s] [/sign cert-filepath password]
'filespec' is a filepath of the file to examine or sign. If the filepath contains spaces, it should be quoted. More than one filepath is allowed if you want to operate on multiple files. The question mark and asterisk wildcards are supported.
Switches:
| /nologo | Don't display the program banner. |
| /s | Recursively enter subfolders (only applies to /folder). |
| /sign | Sign the file with the specified certificate. If the certificate is password protected, you must specify a password. The certificate must be in either PFX, P12, PEM, DER, or CRT format. If you are running Windows 8 or later, it will be signed with both SHA-1 and SHA-256, otherwise SHA-256 only. |
Output
When verifying a signature, the %ErrorLevel% environment variable will be set to one of the following:| Code | Description |
| -1 | Invalid parameter. |
| 0 | The signature is present, and was validated successfully. |
| 1 | No signature is present. |
| 2 | Failed to find the signature. |
| 3 | The signature is present, but the file is not allowed. |
| 4 | The file is not trusted. |
| 5 | Admin policy has disabled user trust. |
| 6 | Failed to link to WinVerifyTrust() in WinTrust.DLL. |
| 7 | An unknown error occurred. |
| 8 | The file does not exist. |
| 9 | The file is locked. |
| 10 | Unsupported file type. |
| 11 | A certificate was revoked by the issuer. |
| 12 | A certificate is expired. |
| 13 | The signature or certificate is malformed. |
| 14 | The signature could not be verified. |
| 15 | A parameter was invalid. |
Example #1 - verifying a signature
>digsig c:\work\foo.exe
DigSig 4.0 - Digital Signature Verification Utility - www.Gammadyne.com
Copyright (C) 2010-2025 by Greg Wittmeyer - All Rights Reserved
c:\work\foo.exe
Code 11: A certificate was revoked by the issuer.
Example #2 - verifying all files in a folder
>digsig c:\work\*.exe
DigSig 4.0 - Digital Signature Verification Utility - www.Gammadyne.com
Copyright (C) 2010-2025 by Greg Wittmeyer - All Rights Reserved
c:\work\foo.exe
Code 1: No signature is present.
c:\work\bar.exe
Code 0: The signature is present, and was validated successfully.
c:\work\baz.exe
Code 4: The file is not trusted.
Example #3 - signing a file
>digsig "c:\work\foo.exe" /sign "c:\certs\cert.p12" abc123
DigSig 4.0 - Digital Signature Verification Utility - www.Gammadyne.com
Copyright (C) 2010-2025 by Greg Wittmeyer - All Rights Reserved
The file was signed successfully.
Download
Click the button below to download version 4.0 of DIGSIG.EXE, released July 1st, 2025.
Download