I have used 1-year term code signing certificates for several years. Typically, when I sign software (not Add-Ins) using Microsoft's signtool.exe utility, I specify a timestamp server. Timestamping ensures that the signed file will not expire when the certificate expires. Without using the timestamping option during the signing process, the signed file would expire and have to be re-signed with a new cert each year.
My question is whether the ESRISignAddIn.exe utility does any sort of timestamping, or uses some other method, so that signed Add-Ins do not expire annually.
-Jeff