diff --git a/lib/rubygems/commands/compile_command.rb b/lib/rubygems/commands/compile_command.rb
index 06dfc38..1d939cc 100644
--- a/lib/rubygems/commands/compile_command.rb
+++ b/lib/rubygems/commands/compile_command.rb
@@ -36,7 +36,7 @@ def initialize
       mode = ABIs[value]
       unless mode
         valid = ABIs.keys.sort
-        raise OptionParser::InvalidArgument, "#{value} (#{valid.join ', '} are valid)"
+        raise Gem::OptionParser::InvalidArgument, "#{value} (#{valid.join ', '} are valid)"
       end
 
       options[:abi_lock] = mode
@@ -54,13 +54,29 @@ def initialize
       end
     end
 
+    add_option "-s", "--sign [PRIVATE_KEY]", "Sign gems" do |private_key_file, options|
+      options[:sign_private_key_file] = File.expand_path(private_key_file).tap do |f|
+        next if File.exist? f
+
+        raise Gem::OptionParser::InvalidArgument, "#{private_key_file} must exist"
+      end
+    end
+
+    add_option "-c", "--cert [CERT]", "Certificate" do |cert_file, options|
+      options[:sign_cert_file] = File.expand_path(cert_file).tap do |f|
+        next if File.exist? f
+
+        raise Gem::OptionParser::InvalidArgument, "#{cert_file} must exist"
+      end
+    end
+
     add_option "--build-number NUMBER",
       "Append build number to compiled Gem version" do |value, options|
 
       begin
         options[:build_number] = Integer(value).abs
       rescue ArgumentError
-        raise OptionParser::InvalidArgument, "must be a number"
+        raise Gem::OptionParser::InvalidArgument, "must be a number"
       end
     end
   end
@@ -87,4 +103,12 @@ def execute
     compiler = Gem::Compiler.new(gemfile, options)
     compiler.compile
   end
+
+  def handle_options(args)
+    super.tap do |f|
+      next if options.key?(:sign_cert_file) && options.key?(:sign_private_key_file)
+
+      raise Gem::OptionParser::MissingArgument, "Both --cert and --sign options need to be provided"
+    end
+  end
 end
diff --git a/lib/rubygems/compiler.rb b/lib/rubygems/compiler.rb
index a8c3b8b..a6d8fdc 100644
--- a/lib/rubygems/compiler.rb
+++ b/lib/rubygems/compiler.rb
@@ -68,6 +68,11 @@ def adjust_gemspec_files(gemspec, artifacts)
       gemspec.files.reject! { |f| !File.exist?("#{target_dir}/#{f}") }
     end
 
+    if @options[:sign_private_key_file]
+      gemspec.cert_chain = [@options[:sign_cert_file]]
+      gemspec.signing_key = @options[:sign_private_key_file]
+    end
+
     # add discovered artifacts
     artifacts.each do |path|
       # path needs to be relative to target_dir