signercli -verify
Signature Verification Command Reference
1. Overview
The signercli -verify command is used to verify the digital signature of a file.
It validates:
- Signature integrity
- Signing certificate information
- Certificate chain trust
- Timestamp presence and validity (if applicable)
This command is commonly used to confirm that a file was properly signed and has not been modified.
2. Command Usage
signercli -verify <file>
3. Description
When verifying a file, signercli -verify performs the following checks:
- Confirms that a digital signature exists
- Validates the cryptographic integrity of the signature
- Extracts and displays certificate metadata
- Verifies the timestamp token (if present)
- Ensures the certificate chain is valid and trusted
The verification process does not modify the target file.
4. Supported File Types
Verification is supported for all file types that can be signed using signercli, including:
- Code signing targets
.exe,.dll,.msi,.cab,.sys,.ocx
- Document signing targets
.pdf
- Script and text files
.ps1,.js,.py,.sh,.txt, etc.
5. Output Formats
The verification result can be displayed in multiple output formats using the global -format option.
| Format | Description |
|---|---|
classic | Human-readable output (default) |
json | Structured JSON output (for scripting and automation) |
table | Aligned table format |
csv | CSV format |
6. Examples
Verify a Signed File
signercli -verify myapp.exe
Verify with JSON Output (for Automation)
signercli -verify myapp.exe -format json
This format is suitable for:
- CI/CD pipelines
- Automated validation scripts
- Compliance checks
7. Typical Use Cases
- Validating signed artifacts before release
- Auditing signed binaries or documents
- Confirming timestamp presence for long-term validity
- Automated signature verification in CI/CD workflows
8. Related Commands
| Command | Description |
|---|---|
signercli -sign <file> | Sign a file |
signercli -logout | End authenticated session |
signercli -cert get | Inspect certificate details |
9. Summary
The signercli -verify command provides a reliable and non-intrusive way to validate digital signatures, ensuring:
- File integrity
- Certificate authenticity
- Timestamp correctness
- Trust chain verification
It is an essential step in secure software distribution and document validation workflows.