diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d1e85f6..0550ad3 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -54,6 +54,12 @@ jobs: smksp_cert_sync.exe shell: cmd + - name: Certificates Sync + if: startsWith(matrix.os, 'windows') + run: | + smctl windows certsync + shell: cmd + - name: Install setuptools (macos) if: startsWith(matrix.os, 'macos') run: sudo -H pip install setuptools @@ -79,16 +85,16 @@ jobs: APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} - # new Windows Signing (2024) - - name: Signing using Signtool - if: startsWith(matrix.os, 'windows') - run: | - signtool.exe sign /sha1 ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 "D:\a\OpenBuilds-CONTROL\OpenBuilds-CONTROL\dist\*.exe" - signtool.exe verify /v /pa "D:\a\OpenBuilds-CONTROL\OpenBuilds-CONTROL\dist\*.exe" - - - name: Upload artifacts - uses: actions/upload-artifact@v2 - with: - name: ${{ matrix.os }} - path: | - dist/*.exe + # # new Windows Signing (2024) + # - name: Signing using Signtool + # if: startsWith(matrix.os, 'windows') + # run: | + # signtool.exe sign /sha1 ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 "D:\a\OpenBuilds-CONTROL\OpenBuilds-CONTROL\dist\*.exe" + # signtool.exe verify /v /pa "D:\a\OpenBuilds-CONTROL\OpenBuilds-CONTROL\dist\*.exe" + # + # - name: Upload artifacts + # uses: actions/upload-artifact@v2 + # with: + # name: ${{ matrix.os }} + # path: | + # dist/*.exe diff --git a/package.json b/package.json index 9c5cb39..610f2b2 100644 --- a/package.json +++ b/package.json @@ -51,6 +51,8 @@ } ], "afterSign": "./notarize.js", + "sign": "./signWin.js", + "signingHashAlgorithms": "sha256", "mac": { "icon": "build/icon.icns", "category": "public.app-category.graphics-design", diff --git a/signWin.js b/signWin.js new file mode 100644 index 0000000..f56075a 
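Review bot: The new `Certificates Sync` step looks like it repeats the step directly above it, whose context lines show `smksp_cert_sync.exe` being run under `shell: cmd`. As far as I know, `smctl windows certsync` performs the same certificate sync into the Windows store. If both calls are needed, a comment on the new step such as `# smctl certsync kept alongside smksp_cert_sync.exe because <reason>` would save the next maintainer from guessing; otherwise keep only one. The preceding step starts outside this hunk, so its `if:` condition and name cannot be confirmed from here.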
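Review bot: Commenting out the whole `Signing using Signtool` step also drops its `signtool.exe verify /v /pa` line, the only signature check visible in this diff. Signing now happens during packaging through `signWin.js`, which returns without error when `SM_API_KEY` is unset, so a missing secret would give a green build with an unsigned `.exe`. I would keep a small Windows-only step after packaging that runs `signtool.exe verify /v /pa "D:\a\OpenBuilds-CONTROL\OpenBuilds-CONTROL\dist\*.exe"`. The `Upload artifacts` step is disabled in the same block; if that is intended, deleting both steps reads better than leaving them as comments.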
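Review bot: The two new keys sit next to `afterSign`, at the level above `mac`, but as far as I know electron-builder documents `sign` and `signingHashAlgorithms` as Windows-target options under a `win` block, with `signingHashAlgorithms` taking an array rather than a string. If that holds for the version pinned in this project, the entry would read `"win": { "sign": "./signWin.js", "signingHashAlgorithms": ["sha256"] }`, merged into any existing `win` section (not visible in this hunk). A misplaced or mistyped key can either fail schema validation or leave the custom signer uncalled, so confirm on a Windows build that `signWin.js` is actually invoked.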
--- /dev/null
+++ b/signWin.js
@@ -0,0 +1,18 @@
+const {
+ execSync
+} = require('node:child_process')
+
+exports.default = async configuration => {
+ if (!process.env.SM_API_KEY) {
+ console.info(`Skip signing because SM_API_KEY and not configured`)
+ return
+ }
+
+ if (!configuration.path) {
+ throw new Error(`Path of application is not found`)
+ }
+
+ execSync(`smctl sign --keypair-alias="${process.env.SM_KEYPAIR_NAME}" --input "${String(configuration.path)}"`, {
+ stdio: 'inherit',
+ })
+}
\ No newline at end of file
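Review bot: The `execSync` call builds a shell command line by interpolating `configuration.path` and `SM_KEYPAIR_NAME`, so a quote, `&` or `%` in either value is parsed by the shell instead of reaching `smctl` as data. Passing an argument array to `execFileSync` avoids the shell entirely, assuming `smctl` is a real executable on PATH rather than a `.cmd` shim. `SM_KEYPAIR_NAME` is never checked, so an unset variable signs with the alias `undefined`; the sketch below fails early instead. The `SM_API_KEY` branch returns successfully without signing, which is convenient locally but lets a CI run with a missing secret ship an unsigned binary, so consider throwing when `process.env.CI` is set. The skip message also reads "SM_API_KEY and not configured", where "is not configured" was presumably meant.

```javascript
const { execFileSync } = require('node:child_process')

exports.default = async configuration => {
  // … unchanged: SM_API_KEY skip and configuration.path check …

  const keypairAlias = process.env.SM_KEYPAIR_NAME
  if (!keypairAlias) {
    throw new Error(`SM_KEYPAIR_NAME is not configured`)
  }

  // argv array: no shell parses the alias or the path
  execFileSync('smctl', ['sign', `--keypair-alias=${keypairAlias}`, '--input', String(configuration.path)], {
    stdio: 'inherit',
  })
}
```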