Examine if (.exe) file is Code signed

Hi all.
I try to automate code-signing. How can I find out within Xojo (or plugin) if a file is code-signed or not?

If not signed, WIndows will told you at run time… IMHO

Are you building an installer?
InnoSetup has a flag called signonce where it will only sign a file if unsigned.

Yes, but I want to check if some build .exe files are already signed. If not, sign them.
If signiture is expired, resign with new certificate
I’ve got a ugly solution: Read the .exe and search for Strings like “sectigo.com” or “CodeSigning”, but that does not tell me anything about the certificate at all.

I ask because most Windows software comes in an installer. Many Xojo developers I know (and myself included) use InnoSetup to build installers., We use InnoSetup’s ability to codesign to automate code signing at the packing step, not the Xojo step.

I use Innosetup, too.
Ahhh, got it. Thanks!

For someone searching for the exact data and expire dates:

signtool verify /pa /v {programname.exe}