App Signing Tool
One of the new requirements of AppUp is to have apps to be signed. We require that MSI and JAR files be signed using a valid certificate.
The tools below now makes it very simple to sign your binary. All that is needed is the binary, the certificate and the certificate password. Please download the tool and sign your app now. 
Require Tools/Files
1. Micrsoft Windows SDK for MSI or Java SDK for JAR.
Microsoft: http://msdn.microsoft.com/en-us/windows/bb980924
JAVA: http://appdeveloper.intel.com/en-us/article/how-do-i-get-code-signing-certificate-certifying-authority
3. Certificate File Password
4. Binary, either MSI or JAR
Download
Tools works in all version of windows and both 64/32 bit.
MSI Signing Tool: MSI Tool
JAR Signing Tool: Java Tool
NOTE: Some devices require that the tool be executed in Run as Administrator mode to be signed correctly.
Comments
Hello,
i am trying to signing "MSI" file ,but i am fail.
it's showing some error.
Error: "signtool " is not recognized as an internal or external command.
operable program or batch file.
please,help me to get out from this problem.
Just wanted to mention: I was able to create a valid signature with MSITool.exe when it was run as administrator. It seems that Windows 7 UAC causes a conflict here.
If anyone encounters issues with signing an msi file on Windows 7, try running MSITool.exe as Administrator. Also, as mentioned before signtool on the command line works fine.
Since MSITool.exe did not produce a valid signature, I followed the instructions from here:
http://appdeveloper.intel.com/en-us/article/signing-msi-files
for manual signing and added a timestamp. This did the trick and at least the app was now not rejected because of the missing code signature. I hope it will be of help for other people, too.
Instructions in short:
1. Signing: c:\User\martin>signtool sign /v /f d:IntelMWCert.pfx /p password ecomanager_Installer.msi
2. Verification: c:\User\martin>signtool verify /v /pa ecomanager_Installer.msi
3. Timestamping: c:\User\martin>signtool timestamp /t http://timestamp.comodoca.com/authenticode ecomanager_Installer.msi
Detailed instructions (of course you have to adjust filenames and certificate passwords to your needs):
1. Signing via "signtool sign"
==============================
c:\User\martin>signtool sign /v /f d:IntelMWCert.pfx /p password ecomanager_Installer.msi
The following certificate was selected:
Issued to: Martin Wojtczyk
Issued by: COMODO Code Signing CA 2
Expires: Thu Nov 01 16:59:59 2012
SHA1 hash: E6526742414B862A47B0D4B07177411894BA21A5
Done Adding Additional Store
Successfully signed: ecomanager_Installer.msi
Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
2. Verification via "signtool verify"
=====================================
c:\User\martin>signtool verify /v /pa ecomanager_Installer.msi
Verifying: ecomanager_Installer.msi
Hash of file (sha1): 7FF65F07976B9593E970D870F9F6AD9BFF4ADFDF
Signing Certificate Chain:
Issued to: UTN-USERFirst-Object
Issued by: UTN-USERFirst-Object
Expires: Tue Jul 09 11:40:36 2019
SHA1 hash: E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Issued to: COMODO Code Signing CA 2
Issued by: UTN-USERFirst-Object
Expires: Sat May 30 03:48:38 2020
SHA1 hash: B64771392538D1EB7A9281998791C14AFD0C5035
Issued to: Martin Wojtczyk
Issued by: COMODO Code Signing CA 2
Expires: Thu Nov 01 16:59:59 2012
SHA1 hash: E6526742414B862A47B0D4B07177411894BA21A5
File is not timestamped.
Successfully verified: ecomanager_Installer.msi
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
3. Timestamping via "signtool timestamp"
========================================
c:\User\martin>signtool timestamp /t http://timestamp.comodoca.com/authenticode ecomanager_Installer.msi
Successfully timestamped: ecomanager_Installer.msi
c:\User\martin>signtool verify /v /pa ecomanager_Installer.msi
Verifying: ecomanager_Installer.msi
Hash of file (sha1): 7FF65F07976B9593E970D870F9F6AD9BFF4ADFDF
Signing Certificate Chain:
Issued to: UTN-USERFirst-Object
Issued by: UTN-USERFirst-Object
Expires: Tue Jul 09 11:40:36 2019
SHA1 hash: E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Issued to: COMODO Code Signing CA 2
Issued by: UTN-USERFirst-Object
Expires: Sat May 30 03:48:38 2020
SHA1 hash: B64771392538D1EB7A9281998791C14AFD0C5035
Issued to: Martin Wojtczyk
Issued by: COMODO Code Signing CA 2
Expires: Thu Nov 01 16:59:59 2012
SHA1 hash: E6526742414B862A47B0D4B07177411894BA21A5
The signature is timestamped: Sat Nov 05 13:51:18 2011
Timestamp Verified by:
Issued to: UTN-USERFirst-Object
Issued by: UTN-USERFirst-Object
Expires: Tue Jul 09 11:40:36 2019
SHA1 hash: E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Issued to: COMODO Time Stamping Signer
Issued by: UTN-USERFirst-Object
Expires: Sun May 10 16:59:59 2015
SHA1 hash: 3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
Successfully verified: ecomanager_Installer.msi
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
Hello,
it seems the MSITool.exe does not work.
I exported my certificate, signed the application with the MSITool, which reports:
>>>
The following certificate was selected:
Issued to: Martin Wojtczyk
Issued by: COMODO Code Signing CA 2
Expires:
SHA1 hash: E6526...
Done Adding Additional Store
<<<
I resubmitted my application for validation (after I first submitted an unsigned Windows app), but again it was rejected due to a missing signature.
So I investigated more:
Although MSITool reports successful signing, the msi file remains unchanged: same file size, same checksum.