Self-Signed Certificates
Generate 4096-bit RSA .pfx certificates with custom CN, Org, and validity period. Exportable and PKCS#12 compliant.
Code Signing Toolkit is a powerful desktop application for developers and software publishers. Create code signing certificates, sign Windows executables (EXE), DLLs, and MSI installers—all offline, secure, and without relying on cloud services.
Built with Python, cryptography, and modern Tkinter UI principles. Works offline. No telemetry.
Generate 4096-bit RSA .pfx certificates with custom CN, Org, and validity period. Exportable and PKCS#12 compliant.
Drop your .exe, .dll, or .msi into the signing zone. One click signs with RFC 3161 timestamping via signtool.exe.
Automatically install certificates to Windows Trusted Root & Trusted Publishers stores (requires admin).
Auto-detects signtool.exe across Windows SDK, Visual Studio, and App Certification Kit paths.
Sign entire folders at once. Export ready-to-use GitHub Actions or Azure DevOps pipeline configs.
Use hardware tokens or HSMs by providing the certificate thumbprint. Supports all CSP/KSP providers.
No cloud dependencies. No account required. Just download and run.
Fill in Common Name and Organization. Click "Generate" to create a secure .pfx file locally.
Drop your executable into the signing zone. The app constructs and executes the signtool command with timestamping.
Unlock batch signing, CI/CD exports, and trusted store auto-installation with a one-time $29 license.
Free for development. Pro for production and commercial distribution.
Self-signed certs are for development only. For public distribution, get a CA-issued code signing certificate:
Standalone executable. No installer required. No admin rights needed for Free tier.
Windows 10/11 • 64-bit • Standalone .exe
a3f5c8d9e2b1... (full SHA256 in download package)
💡 First run? The app will auto-detect signtool.exe. If missing, install Windows SDK or VS Build Tools.