diff --git a/src/Microsoft.DotNet.SignTool.Tests/SignToolTests.cs b/src/Microsoft.DotNet.SignTool.Tests/SignToolTests.cs
index 9c24ef7a1e9..65875ca530b 100644
--- a/src/Microsoft.DotNet.SignTool.Tests/SignToolTests.cs
+++ b/src/Microsoft.DotNet.SignTool.Tests/SignToolTests.cs
@@ -1863,6 +1863,19 @@ public void ValidateParseFileExtensionEntriesForDifferentCollisionPriorityIdSucc
             runTask(fileExtensionSignInfo: fileExtensionSignInfo.ToArray()).Should().BeTrue();
         }
 
+        [Fact]
+        public void ValidateParseFileExtensionEntriesForTarGzExtensionPasses()
+        {
+            var fileExtensionSignInfo = new List<ITaskItem>();
+
+            fileExtensionSignInfo.Add(new TaskItem(".tar.gz", new Dictionary<string, string>
+            {
+                { "CertificateName", "None" }
+            }));
+
+            runTask(fileExtensionSignInfo: fileExtensionSignInfo.ToArray()).Should().BeTrue();
+        }
+
         // Given:
         // - "SameFiles1.zip" contains "Simple1.exe" and "Simple2.exe"
         // - "SameFiles2.zip" contains "Simple1.exe"
diff --git a/src/Microsoft.DotNet.SignTool/src/SignToolTask.cs b/src/Microsoft.DotNet.SignTool/src/SignToolTask.cs
index d6951cb78cc..59be2cc9104 100644
--- a/src/Microsoft.DotNet.SignTool/src/SignToolTask.cs
+++ b/src/Microsoft.DotNet.SignTool/src/SignToolTask.cs
@@ -363,6 +363,11 @@ int getCommonPrefixLength(string[] dir1, string[] dir2)
             }
         }
 
+        private readonly HashSet<string> specialExtensions = new HashSet<string>(StringComparer.OrdinalIgnoreCase)
+        {
+            ".tar.gz"
+        };
+
         private Dictionary<string, List<SignInfo>> ParseFileExtensionSignInfo()
         {
             var map = new Dictionary<string, List<SignInfo>>(StringComparer.OrdinalIgnoreCase);
@@ -375,9 +380,8 @@ private Dictionary<string, List<SignInfo>> ParseFileExtensionSignInfo()
                     var certificate = item.GetMetadata("CertificateName");
                     var collisionPriorityId = item.GetMetadata(SignToolConstants.CollisionPriorityId);
 
-                    // Path.GetExtension will return .gz for .tar.gz files, so we need to handle that case separately
-                    var actualExtension = extension.Equals(".tar.gz", StringComparison.OrdinalIgnoreCase) ? ".tar.gz" : Path.GetExtension(extension);
-                    if (!extension.Equals(actualExtension))
+                    // Some supported extensions have multiple dots. Special case these so that we don't throw an error below.
+                    if (!extension.Equals(Path.GetExtension(extension)) && !specialExtensions.Contains(extension))
                     {
                         Log.LogError($"Value of {nameof(FileExtensionSignInfo)} is invalid: '{extension}'");
                         continue;