Sectigo Code Signing SSL Certificate

Sectigo SSLSectigo Code Signing SSL is an advanced SSL certificate designed for digitally signing applications, software, drivers and scripts, ensuring the integrity and authenticity of the source code. Using asymmetric cryptography, including RSA or ECDSA algorithms, the certificate allows you to generate unique digital signatures that guarantee that the signed software comes from a trusted source and has not been modified after being signed. This certificate uses 2048-bit encryption, which provides a high level of security for digital signatures. One of the key elements of the Sectigo Code Signing SSL certificate is the timestamping function, which allows you to confirm that the application was signed within the certificate’s validity period, even after it has expired. This is an important feature that minimizes the risk associated with outdated digital signatures. The Sectigo certificate allows software recipients to verify its integrity, which is crucial for preventing potential modifications or malware infections after signing.

In terms of compatibility, Sectigo Code Signing SSL is fully integrated with the most popular platforms, including Windows, macOS, iOS and Android operating systems, as well as web browsers, which ensures a wide range of applications. This certificate is especially useful for software developers and organizations operating in environments where code security is a priority, such as the IT industry, finance and medical sectors. The implementation process includes generating a private key, completing the CSR (Certificate Signing Request), verifying the identity by Sectigo and installing the certificate on the user’s device, which allows for signing applications.

Secure storage of private keys used for signing is provided by the user’s device or dedicated hardware security modules (HSM – Hardware Security Module), which additionally minimizes the risk of unauthorized access. The use of Sectigo Code Signing SSL certificates reduces the risk of counterfeiting and software attacks, and also increases the trust of end users, who are more likely to install digitally signed applications from trusted vendors. These certificates are also key to ensuring compliance with various industry regulations, which is particularly important for organizations operating in regulated sectors. Sectigo also offers comprehensive technical support and certificate management tools, making it easy to renew, store and use certificates in different application environments. This allows organizations to effectively manage their certificates, minimizing the risk of implementation errors and ensuring the continuity of protection of their products. The Sectigo Code Signing SSL certificate is therefore a key security element that allows you to protect against threats resulting from unauthorized code modifications and provide a high level of security for end users.

Who needs code signing certificates?
When customers buy software from a software manufacturer’s store, the source of that software is obvious. The same software may be modified by third parties when downloaded over the Internet. Any software publisher planning to distribute code or content over the Internet may expose their software to modification, spoofing, etc. Code signing certificates, including Sectigo Code Signing SSL, immediately inform customers that they can trust the software they are downloading by checking the integrity of the code and verifying the authenticity of the code. company (manufacturer).

  • Verifies the identity of the publisher.
  • Checks the integrity of the content.
  • It protects the software against manipulation.
  • Improves customer confidence.
  • Increases the number of software downloads.
  • You avoid Windows error messages.
  • It protects the reputation and brand of a software publisher.
  • Creates a trusted software distribution.

Supported Platforms

  • Support for Windows.
  • Mozilla Objects File Signing.
  • Signing MS Silverlight applications and xaf files.
  • Signing MS Office macros and VBA (Visual Basic for Application) files.
  • AIR code signing.
  • Signing JAR applets.
  • Microsoft Authenticode – Signing any MS (32/64 bit) .exe, .dll, .ocx, .msi, .cab and kernel software.
  • Software signing for MacOS.

Note: Starting since May 2023, new industry requirements set by the CA/B Forum require all Code Signing certificate keys to be stored on HSM tokens or compatible hardware tokens. Certificates installed on such tokens cannot be exported, so some applications may not support this. Check the new rules for generating code signing certificates.

* This SSL certificate is available on a multi-year subscription basis. Check what it means and how much you can save thanks to it: Multi-year Subscription SSL Certificates

Vendor
Product Name
Validation
Issuance
Site Seal
Secure
Period of Validity
Price
Sectigo SSL
Sectigo Code Signing SSL
IV/OV
up to 3 days / up to 1-2 weeks**
-
Software
1 year
$392.77
Order
Sectigo SSL
Sectigo Code Signing SSL
IV/OV
up to 3 days / up to 1-2 weeks**
-
Software
2 years*
$687.36
Order
Sectigo SSL
Sectigo Code Signing SSL
IV/OV
up to 3 days / up to 1-2 weeks**
-
Software
3 years*
$981.93
Order

** Due to the new rules for generating and storing code signing certificate keys, it is necessary to save them on a compatible USB token or HSM module. In the absence of such a tool, it is possible to order a token with an installed certificate from the certificate issuer. The appropriate delivery option should be selected when placing an order for the certificate. There is no need to order a token if you have your own, compatible tool. In the case of delivery, the time to issue the certificate may be longer due to the need to deliver the ordered token with the certificate: Check the new rules for code signing certificates issuance.

Delivery Options
Delivery Options
Price
Token + International Shipping (non-US)
Option available for all countries except the US
$182.00
Token + Shipping (US)
Ground shipping to US addresses
$126.00
Token + Expedited Shipping (US)
Express air shipping to US addresses.
$196.00
Install on Existing HSM
-
$0.00

Key Benefits

  • Protect code integrity: The primary benefit of using a Sectigo Code Signing SSL certificate is protecting code integrity. With cryptographic digital signatures, software can be verified by users for its authenticity. This means that any modifications made after signing can be easily detected, eliminating the risk of introducing malicious code or unauthorized changes.
  • Increase trust and reduce warnings: Digitally signed applications are recognized as coming from trusted vendors. This means that end users receive fewer security warnings when installing software, which is especially important for applications distributed on platforms such as Windows or macOS. Signing code with a certificate from a trusted provider like Sectigo minimizes the risk of your application being blocked by security systems.
  • Timestamping: Sectigo Code Signing SSL supports timestamping, which is a significant benefit for the long-term validity of the signature. Timestamping allows you to confirm that the code was signed within the validity period of the certificate, even after it has expired. This is crucial for applications that need to be available and trusted for an extended period of time after release.
  • Compliance with regulations and standards: Many industries, such as the financial and medical sectors, have strict regulations regarding software security. Using a Code Signing SSL certificate from Sectigo allows you to meet legal and industry requirements that often require trusted digital signatures for software and drivers. This certificate facilitates compliance with regulations, which minimizes the risk of penalties and allows you to operate in regulated sectors.
  • Compatibility with a wide range of platforms: Sectigo Code Signing SSL is fully compatible with major operating systems and browsers, ensuring its use in various environments. This allows developers to sign applications for Windows, macOS, Android and iOS platforms, ensuring broad support for end users.
  • Secure storage of private keys: One of the critical elements of security is the protection of the private key used to sign code. Sectigo Code Signing SSL enables private keys to be stored on secure media such as Hardware Security Modules (HSMs), which significantly reduces the risk of key theft and unauthorized use.
  • Protect your reputation and reduce business risk: Signing code with a Sectigo certificate protects your company’s reputation by assuring users of the authenticity and security of the software you deliver. In the event of a security incident, having digitally signed code can also facilitate legal investigation and reduce potential liability risks.
  • Technical support and certificate management: Sectigo offers advanced certificate management tools, simplifying the processes related to certificate renewal, installation, and storage. Technical support provides assistance in resolving issues related to certificate implementation, minimizing the risk of downtime and technical issues.

Individual Validation (IV) SSL Certificate

Individual verification for a Sectigo Code Signing certificate is a process designed for individuals who do not represent a registered organization but want to secure their software with a digital signature. This process is different from organizational verification because it focuses on confirming the identity of the individual. As part of individual verification, Sectigo requires the submission of certain identification documents that confirm the identity of the applicant. Most often, two types of documents are required: one government-issued ID, such as a passport or national ID card, and a second document that proves the address of the person, such as a utility bill or bank statement. Sectigo can also conduct identity verification via phone or video conference to confirm that the person applying for the certificate is indeed the owner of the documents provided. Additionally, the individual verification process may require notarization of copies of documents to ensure their authenticity. The notary must certify that the copies of documents provided by the applicant are true to the originals. In some cases, Sectigo may also ask for identity verification through additional verification through a bank or other financial institution. The individual verification process may take several days, depending on the availability of the required documents and the speed of their verification. After successfully passing all verification steps, Sectigo issues a Code Signing certificate in the name of the individual, which allows for digital signing of software. This certificate assures end users that the software comes from a verified developer, which increases trust and reduces the risk of installing unauthorized or malicious software. Individual verification is a key element in the process of obtaining a Code Signing certificate for individuals, ensuring a high level of security and authenticity of digital signatures.

Organization Validation (OV) SSL Certificate

OV (Organization Validation) for a Sectigo Code Signing certificate is a process that aims to thoroughly check the identity of the organization applying for the certificate to confirm its authenticity and trustworthiness. This process requires verification of the company’s formal registration data, such as name, address and registration number. Sectigo checks this information using official databases and public registers, which allows it to confirm the existence and legality of the organization. As part of the validation, Sectigo also ensures that the person submitting the application has the right to represent the company, which is usually done by contacting the official representative of the organization directly. Additionally, the OV validation process verifies the authenticity of the organization’s telephone number, which must match the registration data. Sectigo may also verify the physical address of the company to ensure that it is correct and matches the registration data. In some cases, when some information cannot be automatically verified, the organization may be asked to provide additional documentation, such as extracts from the commercial register or proof of address. The validation process can take anywhere from a few days to two weeks, depending on the speed of the required information and the complexity of the verification itself. Once all steps are complete, an OV Code Signing certificate is issued and can be used to digitally sign software. This verification ensures that end users can be certain of the software creator’s identity, which is crucial for building trust and protecting against potential threats such as malware or unauthorized code modifications.

Technical Support

Technical support for Sectigo Code Signing certificates includes comprehensive support that helps users through every step of using the certificate. Sectigo offers detailed documentation and installation guides that guide users through the certificate installation process on various platforms, such as Windows, macOS, and Linux. For developers who use code signing tools such as Microsoft SignTool, instructions are also available for integrating the certificate into their software build processes. As part of technical support, Sectigo also offers support for setting up a code signing environment, including advice on setting up and safely storing private keys. Additionally, technicians can help resolve technical issues that may arise during software signing or signature verification. Technical support is available via various channels, including email, chat, and phone, allowing for quick access to the support you need. Sectigo ensures that users can use the certificate effectively and enjoy full security of their applications and software.

Add A Knowledge Base Question !

You will receive an email when your question will be answered.

+ = Verify Human or Spambot ?