Index: readme.scripts.txt
===================================================================
diff -u -re5f0a0e2d61c9d5f77b844944f8318b5d122a5b3 -r6581a8b30fbcf77d93c5e083bb33f8afcce906c5
--- readme.scripts.txt	(.../readme.scripts.txt)	(revision e5f0a0e2d61c9d5f77b844944f8318b5d122a5b3)
+++ readme.scripts.txt	(.../readme.scripts.txt)	(revision 6581a8b30fbcf77d93c5e083bb33f8afcce906c5)
@@ -11,3 +11,6 @@
 1. Those requirements does not include the dependencies required by the build process, which must also be met.
 2. All tools must be available in %PATH
 3. Scripts should be called/executed from the scripts/ directory.
+4. By default the build&release script will try to sign the executables with the certificate installed on the system 
+   (tries to detect automatically the certificate). For most people this part is not necessary and can be disabled
+   by setting an environment variable SKIPCHSIGNING to 1.
Index: scripts/make_existing_release.bat
===================================================================
diff -u -r251181849c91428d68b3e3565add9a2043b45fec -r6581a8b30fbcf77d93c5e083bb33f8afcce906c5
--- scripts/make_existing_release.bat	(.../make_existing_release.bat)	(revision 251181849c91428d68b3e3565add9a2043b45fec)
+++ scripts/make_existing_release.bat	(.../make_existing_release.bat)	(revision 6581a8b30fbcf77d93c5e083bb33f8afcce906c5)
@@ -85,6 +85,18 @@
 	goto error
 )
 
+if NOT "%SKIPCHSIGNING%" == "1" (
+	echo --- Signing executables ---------------------------------------------
+	signtool sign /t http://time.certum.pl /a "%MainProjectDir%\bin\release\*.dll" "%MainProjectDir%\bin\release\*.exe" 2>"%TmpDir%\command-err.log"
+	if errorlevel 1 (
+		echo ERROR: Cannot sign executables! See the log below:
+		type "%TmpDir%\command-err.log"
+		goto error
+	)
+) else (
+	echo WARNING: Signing executables was disabled.
+)
+
 echo --- Preparing packages ----------------------------------------------
 echo    * Create source package for version %CHTextVersion%...
 
@@ -151,6 +163,18 @@
 	goto error
 )
 
+if NOT "%SKIPCHSIGNING%" == "1" (
+	echo    * Signing installer package...
+	signtool sign /t http://time.certum.pl /a "%OutputDir%\*.exe" 2>"%TmpDir%\command-err.log"
+	if errorlevel 1 (
+		echo ERROR: Cannot sign executables! See the log below:
+		type "%TmpDir%\command-err.log"
+		goto error
+	)
+) else (
+	echo WARNING: Signing executables was disabled.
+)
+
 echo    * Preparing zip package...
 cd %MainProjectDir%