Code Signing

This page provides details on Code Signing of applications by Joe Pitt.

Public key infrastructure (PKI)

All Supported Files (e.g. .ps1, .exe, .dll, .application & .manifest) will be signed using one of the X.509 Code Signing Certificate listed below, they will also be cryptographically time stamped by an online Time Stamping Authority.


X.509 Code Signing Certificate (Nov. 2017 to Nov 2018) (Current) (sig)
Thumbprint: 60 15 7f 25 a2 4b bb ff 4c b4 26 ba 06 72 46 b3 2e 97 1b ab

X.509 Code Signing Certificate (Nov. 2016 to Nov 2017) (Legacy) (sig)
Thumbprint: 29 76 c9 af 72 7c cf d1 d3 17 88 34 4e 47 03 70 46 17 bf aa

X.509 Code Signing Certificate [SHA1] (Sep. 2016 to Nov 2016) (Legacy) (sig)
Thumbprint: f3 f3 3c cc 36 ff ff e5 ba ba 63 2d 76 e7 31 77 20 61 43 eb

X.509 Code Signing Certificate (Jun. 2016 to Nov 2016) (Legacy) (sig)
Thumbprint: 5d 81 f6 a4 e1 fb 46 8a 3b 97 ae b3 60 1a 46 7c dd 5e 32 66

GNU Privacy Guard (GPG/PGP)

All User Facing downloads will be accompanied by a signature (file.ext.sig) using one of the GPG Certificates below. Note: files that are verified automatically (i.e. ClickOnce Application Files), will not be GPG Signed.


GPG Signing Key (Nov. 2016) (Current)
Key ID: 55 08 FB EC
Fingerprint: EB 30 6C 76 EF DC 09 9F 50 52 F3 DF 2E 48 3B 21 55 08 FB EC