Description
Administrators and distribution tooling can sign or inspect PE-COFF binaries used by Secure Boot and related firmware workflows. This is useful for managing trusted boot components and verifying signed executable images.
It is a security administration tool. Signing keys and certificates must be protected carefully because a compromised key can undermine the trust chain for bootable binaries.