DigiCert Code Signing is an advanced security solution that allows you to digitally sign software to confirm its authenticity and integrity. This product is intended for developers, software vendors and companies that want to assure end users that their applications and code are secure, unaltered and come from a trusted source. DigiCert Code Signing uses advanced cryptography to generate digital certificates that allow you to identify the signed code and protect it from unauthorized modification. The basic functionality of DigiCert Code Signing is the ability to add a unique digital signature to the code, which ensures that the software has not been changed since it was signed. It uses a private key for this purpose, which is securely stored in an HSM (Hardware Security Module) environment or on a dedicated device, which minimizes the risk of its compromise. A certificate signed by a trusted certificate authority, such as DigiCert, ensures that each signed code is automatically recognized by operating systems and web browsers as coming from a trusted source.

DigiCert Code Signing not only meets industry standards for security, but also offers a number of additional features, such as support for multiple file formats, including EXE, DLL, OCX, CAB, as well as compatibility with the most popular platforms, such as Windows, macOS, and Java. The solution is also compliant with Microsoft’s new Windows driver signing requirements, which is crucial for software vendors who need to ensure compatibility and support for the latest versions of the operating system. DigiCert Code Signing’s advanced technology also provides the ability to sign code in an automated manner, which is especially useful in large organizations, where DevOps processes require continuous and rapid deployment of new software versions. Additionally, DigiCert offers enhanced security options, such as two-person code signing, which increases the security of the signing process and protects against unauthorized use of the private key. The product also supports cloud code signing technology, which allows for secure signing of software without the need for local key management.

DigiCert Code Signing is not just a code signing tool, but also a solution that builds end-user trust in your software and ensures compliance with the latest security standards while protecting against the risk of malware and cyberattacks.

Why choose DigiCert Code Signing?

• Verifies the identity of the publisher.
• Verifies content integrity.
• Protects software from tampering.
• Improves customer trust.
• Increases software downloads.
• Avoids Windows error messages.
• Protects the reputation and brand of the software publisher.
• Creates trusted software distribution.

• Support for Windows.
• Mozilla Objects File Signing.
• Signing MS Silverlight applications and xaf files.
• Signing MS Office macros and VBA (Visual Basic for Application) files.
• AIR code signing.
• Signing JAR applets.
• Microsoft Authenticode – Signing any MS (32/64 bit) .exe, .dll, .ocx, .msi, .cab and kernel software.
• Software signing for MacOS.
• And many more.

** Due to the new rules for generating and storing code signing certificate keys, it is necessary to save them on a compatible USB token or HSM module. In the absence of such a tool, it is possible to order a token with an installed certificate from the certificate issuer. The appropriate delivery option should be selected when placing an order for the certificate. There is no need to order a token if you have your own, compatible tool. In the case of delivery, the time to issue the certificate may be longer due to the need to deliver the ordered token with the certificate: Check the new rules for code signing certificates issuance.

• Software Authenticity and Integrity: A digital signature ensures that code comes from a trusted source and that its integrity has not been tampered with, protecting users from tampering and malware.
• Platform Compliance: DigiCert Code Signing certificates are recognized by major operating systems, browsers, and platforms, such as Microsoft Windows, macOS, and Java, ensuring seamless software distribution.
• Secure Private Key Storage: With the optional use of Hardware Security Modules (HSMs) or dedicated devices, the private key is stored in a way that minimizes the risk of its compromise.
• Support for DevOps Automation: DigiCert Code Signing enables automated code signing as part of CI/CD processes, which speeds application deployment and simplifies certificate management in production environments.
• Compliance with regulations and industry standards: Certificates meet international security standards, including Microsoft’s driver signing requirements, ensuring compliance with the latest regulations.
• Increased end-user confidence: Software signed by DigiCert is recognized as safe, increasing user confidence and reducing the risk of unknown publisher warnings during installation.
• Support for a wide range of file formats: DigiCert Code Signing supports signing a variety of file formats, including EXE, DLL, OCX, CAB, enabling protection for a wide range of applications and components.
• Cloud Code Signing: The ability to use Cloud Signing, which allows for secure code signing without the need for local key management, ideal for distributed teams and modern cloud environments.
• Advanced security features: Options such as Dual-signing and key management service integration increase security and control over the code signing process.
• Dedicated technical support: 24/7 access to DigiCert experts who provide specialized support for configuration, integration, and certificate management, ensuring operational continuity and rapid problem resolution.

The validation procedure for DigiCert Code Signing is a process that aims to confirm the identity of the applicant and ensure that the certificate is issued only to trusted entities. The process begins with the submission of a certificate application, in which the applicant provides detailed information about their organization, such as full name, address, company registration number, and contact details. DigiCert then proceeds to verify this information using independent sources such as company registration databases, public domain registries, and through telephone conversations with representatives of the organization. During this process, the authenticity of documents provided by the applicant is also checked, such as copies of company registration documents, bank statements, or utility bills that confirm the physical address of the company. Once identity verification is complete, DigiCert generates a certificate and issues it to the applicant. This certificate is secured by a private key, which is used to sign the code. DigiCert also stores all information related to the validation process in its database, which allows for later verification and auditing. The entire validation process is compliant with international security standards and data protection regulations, ensuring that DigiCert Code Signing certificates are not only secure, but also meet the highest industry standards.

DigiCert Code Signing Support offers the highest level of support, tailored to the needs of individual developers and large organizations. The DigiCert technical support team is available 24/7 to provide assistance with installation, configuration, and certificate management. DigiCert experts have deep knowledge of cryptography, security protocols, and integration with a variety of development environments, allowing them to resolve technical issues quickly and efficiently. Support also includes assistance in understanding the code signing process, including generating keys, creating and renewing certificates, and implementing security best practices. Additionally, DigiCert provides detailed educational materials such as technical documentation, step-by-step guides, and FAQs, which are available on the website. For more complex issues, the technical support team can conduct a remote diagnostic session to identify and fix issues in your environment. DigiCert Code Signing customers also have access to a dedicated support portal where they can track the status of their cases, manage their certificates, and use self-service tools. With a global reach, DigiCert technical support is available in multiple languages, facilitating communication and speeding up problem resolution. In the event of integration with specific operating systems or software platforms, the technical team offers consultation and support at every stage of implementation to ensure the smooth and trouble-free operation of the solution. DigiCert places great emphasis on continuous improvement of its technical support, regularly updating its resources and training its staff to meet the highest standards of customer service.