how-to-check-digital-signature

Security
  1. 1

    Locate the downloaded installer

    Find the 7-Zip installer file (.exe) you downloaded from the official 7-zip.org or github.com/ip7z/7zip in your Downloads folder.

  2. 2

    Right-click and select Properties

    Right-click the installer file and select "Properties" from the context menu.

  3. 3

    Go to Digital Signatures tab

    In the Properties window, switch to the "Digital Signatures" tab. If this tab is missing, the file is not signed and may be from an unofficial source — do not run it.

  4. 4

    Select the signature and view details

    Select the signature in the list and click "Details". Verify that the signer name matches the official 7-Zip developer (Igor Pavlov) and the signature is marked as valid.

  5. 5

    Confirm certificate validity

    Check that the certificate is valid and not expired or revoked. If Windows reports the signature as invalid or the signer name is unknown, delete the file immediately and re-download from the official source.

  6. 6

    Additional verification

    For maximum security, also verify the SHA-256 hash of the file against the official checksum on the GitHub releases page. See our "How to Verify File Integrity (SHA-256)" tutorial for detailed steps.

参考になりましたか?