diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 6c88c2ca5c10e3fe9732244e4283fd11ed7efe99..daa647f257e86f2e9004eaa8f7310168f3121895 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -253,18 +253,14 @@ jobs:
     needs: build
     runs-on: windows
     steps:
-      - name: Decode certificate file
-        shell: bash
-        env:
-          SIGNING_CERT_WINDOWS: ${{ secrets.SIGNING_CERT_WINDOWS }}
-        run: |
-          mkdir -p .cert
-          echo "$SIGNING_CERT_WINDOWS" | base64 --decode > .cert/authenticode-cert.pfx
-
       - name: Sign and package Windows viewer
         uses: secondlife/viewer-build-util/sign-pkg-windows@azure
         with:
-          certificate: .cert/authenticode-cert.pfx
+          vault_uri: "${{ secrets.AZURE_KEY_VAULT_URI }}"
+          cert_name: "${{ secrets.AZURE_CERT_NAME }}"
+          client_id: "${{ secrets.AZURE_CLIENT_ID }}"
+          client_secret: "${{ secrets.AZURE_CLIENT_SECRET }}"
+          tenant_id: "${{ secrets.AZURE_TENANT_ID }}"
 
   sign-and-package-mac:
     needs: build