Single Signing with a SHA1 or a SHA2 certificate:

Run the following command to apply the SHA1 signature:

DO NOT USE! SHA1 Depreciated

• signtool sign /t http://timestamp.digicert.com /sha1 XXSHA1CERTTHUMBPRINTXX WINQUAL.EXE

NOTE:
XXSHA1CERTTHUMBPRINTXX is the thumbprint of your SHA1 code signing certificate
WINQUAL.EXE is the executable file you want to sign

Run the following command to apply the SHA2 signature:

• signtool sign /tr http://timestamp.digicert.com /td sha256 /fd sha256 /sha1 XXSHA256CERTTHUMBPRINTXX WINQUAL.EXE

NOTE:
XXSHA256CERTTHUMBPRINTXX is the thumbprint of your SHA2 code signing certificate
WINQUAL.EXE is the executable file you want to sign

Then verify the signing of the sys file:

• signtool verify /v "C:\path\to\file\file.sys"