diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index aba74c5fcb..d6c2b968bb 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -53,6 +53,10 @@ jobs:
         GitHubVS_ClientId: ${{ secrets.GitHubVS_ClientId }}
         GitHubVS_ClientSecret: ${{ secrets.GitHubVS_ClientSecret }}
 
+    - name: Sign the VSIX
+      if: github.ref == 'refs/heads/master'
+      run: tools/vsixsigntool/vsixsigntool.exe sign /f certificate.pfx /p '${{ secrets.CERTIFICATE_PASSWORD }}' /sha1 9c5a6d389e1454f2ed9ee9419cdf743689709f9c /fd sha256 /tr http://timestamp.digicert.com /td sha256 ${{ env.vsixContainer }}
+      
     - name: Upload VSIX artifact
       uses: actions/upload-artifact@v1
       with:
diff --git a/GitHubVS.sln b/GitHubVS.sln
index 1df28cf917..03f0b02a4c 100644
--- a/GitHubVS.sln
+++ b/GitHubVS.sln
@@ -13,6 +13,7 @@ EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Meta", "Meta", "{72036B62-2FA6-4A22-8B33-69F698A18CF1}"
 	ProjectSection(SolutionItems) = preProject
 		.editorconfig = .editorconfig
+		.github\workflows\main.yml = .github\workflows\main.yml
 		README.md = README.md
 		version.json = version.json
 	EndProjectSection
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index f447cc2bf0..bbbe5c98ea 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -100,12 +100,11 @@ jobs:
     inputs:
       secureFile: certificate.pfx
 
-# Disable VSIX signing
-#  - script: $(vsixsigntool_exe.secureFilePath) sign /f $(certificate_pfx.secureFilePath) /p "$(certificate_password)" /sha1 c4fdf13659f49e57ac14774fdf45053f499f185f /fd sha256 /tr http://timestamp.digicert.com /td sha256 $(ArtifactDirectory)\GitHub.VisualStudio.vsix
-#    displayName: Sign the GitHub for Visual Studio VSIX
-#
-#  - script: $(vsixsigntool_exe.secureFilePath) sign /f $(certificate_pfx.secureFilePath) /p "$(certificate_password)" /sha1 c4fdf13659f49e57ac14774fdf45053f499f185f /fd sha256 /tr http://timestamp.digicert.com /td sha256 $(ArtifactDirectory)\GitHub.VisualStudio.16.vsix
-#    displayName: Sign the GitHub Essentials VSIX
+  - script: $(vsixsigntool_exe.secureFilePath) sign /f $(certificate_pfx.secureFilePath) /p "$(certificate_password)" /sha1 9c5a6d389e1454f2ed9ee9419cdf743689709f9c /fd sha256 /tr http://timestamp.digicert.com /td sha256 $(ArtifactDirectory)\GitHub.VisualStudio.vsix
+    displayName: Sign the GitHub for Visual Studio VSIX
+
+  - script: $(vsixsigntool_exe.secureFilePath) sign /f $(certificate_pfx.secureFilePath) /p "$(certificate_password)" /sha1 9c5a6d389e1454f2ed9ee9419cdf743689709f9c /fd sha256 /tr http://timestamp.digicert.com /td sha256 $(ArtifactDirectory)\GitHub.VisualStudio.16.vsix
+    displayName: Sign the GitHub Essentials VSIX
 
   - task: PublishBuildArtifacts@1
     inputs:
diff --git a/certificate.pfx b/certificate.pfx
new file mode 100644
index 0000000000..e236e59130
Binary files /dev/null and b/certificate.pfx differ
diff --git a/tools/vsixsigntool/vsixsigntool.exe b/tools/vsixsigntool/vsixsigntool.exe
new file mode 100644
index 0000000000..ceadff7008
Binary files /dev/null and b/tools/vsixsigntool/vsixsigntool.exe differ