How can I sign an Addin with signtool?

Discussion created by mikrit on Apr 30, 2013
I am trying to sign an AddIn. I cannot easily use the ESRISignAddIn utility, because our ArcMap license is not on the same computer as the one with our certificates. So I tried to use signtool on the certificate computer, like this:

I moved the dll files of my AddIn to the certificate computer, where I signed them with signtool. Then I moved them back to the ArcMap computer. I opened the the .esriaddin file in WinZip, removed the unsigned dll files, and inserted their signed variants.

Now, when I check the properties of the dll files, they have been successfully signed.

But when double-clicking the modified .esriaddin file, the ESRI ArcGIS Add-In Installation Utility still claims that

   "This Add-In file is not digitally signed".

So it is not enough that the dll files are signed. But as far as I know, the signtool command can only sign dll files, exe files, and few other kinds of files, not an entire .esriaddin file. 

Any advice would be welcome.