How to Download and Install Windows SignTool.exe

1 Star2 Stars3 Stars4 Stars5 Stars (5 votes, average: 5.00 out of 5)

SignTool.exe is Microsoft’s code signing tool that uses code signing certificates to promote trust and validate software integrity and authenticity with a simple script. Learn how to download and install it in less time than it takes to make a proper cup of coffee

SignTool.exe is one of the most user-friendly Windows command-line tools. You can use it with a trusted code signing certificate to protect files, codes, and apps against tampering and prove your identity as a software publisher. 

But where can you get SignTool.exe to download? And how do you install it? Our simple yet comprehensive tutorial will answer these questions and prepare you for signing in no time.

SignTool: Download It and Install It in Less Than 5 Minutes

In a world with an ever-increasing demand for authenticity and security, code signing has become pivotal to all businesses, great and small.

Are you a Windows 11, 10, 8.1 or 7 user? SignTool works with all those versions, and so does this quick guide. Follow the steps below to get the tool you need to start signing your executables using a code signing certificate. Signing your code will reassure your users that it is authentic and secure, and hasn’t been modified since it was signed.

Don’t have a code signing certificate yet? No worries — you can get one quickly through

Save Up to 21% on a Windows Code Signing Certificate

Give users a reason to trust your Windows apps by preventing “Unknown Publisher” warnings. You can digitally sign unlimited apps for as little as $211.46/year.

Get Your Code Signing Certificate

How to Download SignTool.exe

The SignTool executable is embedded by default in the Windows software development kit (SDK), a set of tools developers use to build Windows applications.

Tip: Do not confuse Windows SDK with its brother Windows App SDK (i.e., a broad set of components, APIs, and extensions that can be utilized with Visual Studio 2019 and 2022. It also includes SignTool.exe). Although they’re complementary, they’re not the same. We’ll explain more their differences in the section on alternative ways to download SignTool later in the article. 

To download the latest SDK stable release from the most used Microsoft official channel:

  1. Make sure your device meets the minimum system requirements.
  2. Click the installer or .iso button on the Microsoft Windows SDK download page.

In this tutorial, we’re using the Windows 10 operating system. As such, we’ve selected the installer file as it’s the fastest installation option:

A screenshot that shows how to download SignTool via Windows SDK
Image source: Microsoft SDK/SignTool download page. Click on one of the buttons to start the download.
  1. Choose the folder where to save the executable file and click Save.
A screenshot illustrating how to save the Windows SDK setup file to your Windows computer
Image caption: This is how you choose where to save your SignTool.exe download on your device.

Alternatively, if you plan to use SignTool.exe predominantly with Visual Studio, you can download the SDK (and SignTool.exe) stable version directly from the Visual Studio Installer app. Just select the most recent Windows 11 SDK version listed in the Individual Components tab.

An illustration of how to select Windows SDK with SignTool.exe to install it in Visual Studio
Image caption: The screenshot shows where to find Windows SDK/SignTool.exe, which is available for download in Visual Studio Installer.

Install SignTool.exe on Your Windows Device

  • Open File Explorerand navigate to the folder where you’ve saved the Windows SDK installer. In our example, it’s stored in the Downloads folder.
An illustration of the Windows SDK installer file on Windows
Image caption: The Windows SDK/SignTool downloaded file is ready to be installed.
  • Double-click on the winsdksetup icon. The first radio button will be already selected. Leave it as it is and click on Next (as shown below):
A screenshot of the install wizard window where you can select the location to install the Windows SDK toolkit onto your device
Image caption: The screenshot shows where you can specify the Windows SDK/SignTool.exe installation path.
  • Click on Yes or No to choose whether you want to allow Windows to collect information about how you use the program.Hit Next to continue. Tip: Are you obsessed with privacy like I am? If so, then select No.
An optional Privacy setting selection window
Image caption: Tell Microsoft if you want to participate in the Windows Kits insights program. 
  • Click on Accept to approve the license agreement.
Windows user license agreement window
Image caption: Don’t skip license agreements. I get it. Legal stuff is boring. However, reading it may spare you some headaches later.
  • Now, you can finally install Signtool.exe. To do so, be sure that Windows SDK Signing Tools for Desktop Apps is ticked (as shown in the following example). Interested in installing additional features? Click on each one on the list to discover more information about it. Once you’ve completed your selection, hit Install.
A screenshot showing features to select in Visual Studio
Image caption: Windows SDK Signing Tools for Desktop Apps is the only feature you need to get SignTool.exe installed directly through Visual Studio.  

That’s it! You’ve now successfully downloaded and installed SignTool.exe onto your device.

An illustration of the bin folder where your SignTool.exe will be stored on a Windows device
Image caption: SignTool.exe is installed by default in your C:\Program Files (x86)\Windows Kits\10\bin\Your_Windows_SDK_Version\x64. You’ve installed SignTool on a 32-bit system? You’ll find it under C:\Program Files (x86)\Windows Kits\10\bin\Your_Windows_SDK_Version\x86.

Grab your trusted code signing certificate and start your code signing adventure with SignTool.exe.

Tip: Cybercriminals are clever little buggers who can sniff out potential vulnerabilities in your software and cryptographic assets from miles away. Don’t leave your certificate and keys unprotected. Discover our five golden rules to manage them securely.  

Prove Your Software Is Trustworthy

Signing your code shows users that your software and updates can be trusted.

A 3D screenshot of the Code Signing Best Practices Guide from

Download our free code signing best practices eBook to learn how to help keep your supply chain secure and your company, customers & end-users safe.

Are you an advanced user looking to preview and play with Windows SDK (and SignTool.exe) new features that haven’t been released to general Windows users? Keep on reading. We’ll tell you where to find them. 

4 Alternative Ways to Download SignTool For Pro and Tech Enthusiasts

So, you’re an adventurous tech type (like me) who enjoys having a “sneak peek” at the latest technology, right? Great. Let’s briefly explore the official alternative SignTool download sources provided by the Windows Insider Program. That’s where you’ll find info on all Windows-related work-in-progress software.

For example, SignTool.exe is included in the BuildTools package inside the latest Windows Insider SDK.

Once you’ve registered, you can choose among four Windows Preview Channels:

1. The Canary Channel

  • Ideal for tech-savvy users.
  • Lets you test the latest SDK and SignTool.exe versions still in the early development stage.
  • Characterized by unstable versions with very limited documentation.

2. The Dev Channel

  • Best for developers.
  • Enables you to try and preview new SDK and SignTool.exe features still at the incubation stage.
  • Offers rough releases with some instability issues.

3. The Beta Channel

  • Great for early adopters.
  • Allows you to beta test and send feedback about Microsoft-validated SDK and SignTool.exe updates.
  • Provides more reliable builds.

4. The Release Preview Channel

  • Recommended for commercial users and IT professionals.
  • Introduces you to approved SDK and SignTool.exe fixes. New features/versions/updates are also available for testing before they’re released to the public.
  • Yields supported and reliable versions.

Did you download and install SignTool.exe directly into Visual Studio? Windows App SDK, a complementary kit that also includes Windows SDK Signing Tools for Desktop Apps, offers a similar channel release program.

Final Thoughts on How to Download and Install Windows SignTool.exe

Fostering trust in applications, products, and brands is becoming increasingly challenging for any organization. Using SignTool.exe and code signing certificates are among the most efficient and reliable ways to prove your products’ authenticity and trustworthiness and help secure your customers’ software supply chains. 

Now that you’ve installed SignTool.exe by downloading your favorite SDK release, it’s time to try code signing for your latest project. Get a third-party validated code signing certificate and use SignTool to leverage its power with a single script.

Save Up to 27% on a Standard Code Signing Certificate

Assert your organization’s verified digital identity to increase trust in your software and updates. Boost your sales and download rates for as little as $195.00/year (with a 3-year certificate).

Buy Now

You don’t know how to use SignTool to sign your software? No fear. Don’t miss our next article. It’s an exhaustive guide about SignTool.exe that’ll teach everything you need to know about the universe of Microsoft SignTool code signing.