Sectigo EV Code Signing certificate is an advanced cryptographic tool dedicated to software developers and publishers who strive to maximize the security and trust of their products. Using Extended Validation (EV) technology, the certificate provides the highest level of identity authentication, which is crucial in the context of protection against malware and man-in-the-middle attacks. The certificate allows for digital signing of application code, guaranteeing the integrity and authenticity of the software from the moment of compilation to distribution to the end user. This process eliminates system and browser warnings that may appear during the installation of unverified software, which in turn increases the application’s reputation and user trust.

The private keys associated with the certificate are stored on a physical cryptographic token compliant with FIPS 140-2 Level 2 or higher, which provides an additional layer of protection against unauthorized access and potential security breaches. The certificate is fully compatible with major platforms and operating systems, such as Microsoft Authenticode, Java, Adobe AIR, and macOS, enabling broad use in various development environments. The certificate issuance process includes rigorous verification of the organization’s identity, according to the standards set by the CA/Browser Forum, which minimizes the risk of granting the certificate to unauthorized entities. Additionally, using the EV Code Signing certificate positively affects reputation mechanisms such as Microsoft SmartScreen Filter, reducing false positives and improving the end-user experience.

Implementing the Sectigo EV Code Signing certificate is a key step in securing the software supply chain, protecting both developers from unauthorized modification of their code and users from potential threats resulting from the installation of unverified applications.

Who needs the Sectigo EV Code Signing certificate?

The EV Code Signing certificate is essential for professional developers and software publishers who require the highest level of trust and security for their applications. It is especially important for companies distributing commercial software on a large scale, drivers and system component providers, where extended identity validation is required. Organizations concerned about protecting their brand and wanting to minimize the risk of system warnings should also use it. In addition, developers who must meet strict security standards on platforms such as Microsoft, Apple or Adobe use this certificate. Companies that want to secure the software supply chain and protect their code from unauthorized modification need the EV Code Signing certificate to ensure the integrity and authenticity of their products from compilation to delivery to the end user.

Why choose Sectigo EV Code Signing?

• Highest level of authentication.
• Elimination of system warnings.
• Security of private keys.
• Wide compatibility.
• Improvement of online reputation.
• Rigorous verification.
• Protection against code manipulation.
• Increased customer trust.

• Support for Windows.
• Mozilla Objects File Signing.
• Signing MS Silverlight applications and xaf files.
• Signing MS Office macros and VBA (Visual Basic for Application) files.
• AIR code signing.
• Signing JAR applets.
• Microsoft Authenticode – Signing any MS (32/64 bit) .exe, .dll, .ocx, .msi, .cab and kernel software.
• Software signing for MacOS.
• and many more.

** Due to the new rules for generating and storing code signing certificate keys, it is necessary to save them on a compatible USB token or HSM module. In the absence of such a tool, it is possible to order a token with an installed certificate from the certificate issuer. The appropriate delivery option should be selected when placing an order for the certificate. There is no need to order a token if you have your own, compatible tool. In the case of delivery, the time to issue the certificate may be longer due to the need to deliver the ordered token with the certificate: Check the new rules for code signing certificates issuance.

• Highest level of identity validation (Extended Validation): Sectigo EV Code Signing Certificate provides rigorous verification of the organization’s identity according to CA/Browser Forum standards, increasing user confidence in signed software.
• Elimination of system warnings and reputation filters: Automatically building a positive reputation in security mechanisms such as Microsoft SmartScreen Filter minimizes the risk of warnings being displayed during application download and installation.
• Secure storage of private key on a hardware cryptographic token: The private key is generated and stored on a FIPS 140-2 Level 2 or higher compliant device, providing the highest level of protection against unauthorized access and key theft.
• Wide compatibility with platforms and signature formats: Supports major development environments and operating systems, including Microsoft Authenticode, Java, Adobe AIR and macOS, enables universal use of the certificate in various projects.
• Support for SHA-256 cryptographic algorithms: Ensures compliance with the latest cryptographic security standards, increasing resistance to cryptographic attacks and extending the life of the digital signature.
• Time Stamping Capability: Allows for permanent verification of the digital signature even after the certificate expires, which is crucial for the long-term integrity of the software.
• Industry Security Compliance: Meets strict guidelines and security standards set by industry organizations, which increases the credibility and acceptance of the software in the global market.
• Protection against code tampering and counterfeiting: Digitally signing the code guarantees the integrity and authenticity of the application, protecting against unauthorized modification and distribution of malicious code. software.
• Increased trust and professional brand image: Using the EV Code Signing certificate highlights the organization’s commitment to security, which positively affects the brand perception by customers and business partners.
• Professional technical support and consulting: Sectigo offers dedicated support at every stage of the process, from identity verification to implementation and certificate management, ensuring smooth and effective implementation.

The validation procedure for the Sectigo EV Code Signing certificate is a comprehensive process aimed at confirming the identity and credibility of the organization applying for the certificate. It begins with the submission of a formal application, in which the company must provide detailed data such as the full legal name, registered office address, contact details and information about the person authorized to represent the organization in this process. Sectigo then proceeds to verify the legal existence of the organization. This requires the provision of official registration documents from the appropriate register, depending on the country of operation. The purpose of this step is to confirm that the company is legally registered and operates in accordance with applicable regulations. The next step is to verify the physical address of the organization’s registered office. This may require the submission of supporting documents such as utility bills, lease agreements or other official documents indicating the business address. Sectigo also checks the company’s telephone number, which should be registered in its name and available in public databases or telephone directories. A telephone contact may be made to confirm this information. An important element of the process is the verification of the identity of the contact person responsible for the application. This requires the submission of identification documents such as an identity card or passport. In some cases, it may be necessary to notarize the authenticity of these documents. Additionally, Sectigo checks whether this person has the formal authority to represent the organization in obtaining the certificate, which may require providing a power of attorney or a board resolution. The private key, necessary for the certificate to work, must be stored on an approved cryptographic device, such as a USB token compliant with FIPS 140-2 Level 2 or higher. Sectigo can provide such a device or provide instructions on how to obtain it and store the key safely. After successfully completing all verification stages, Sectigo makes a final assessment of the information provided. If everything is in accordance with the requirements and standards established by the CA/Browser Forum, the EV Code Signing certificate is issued. The organization receives the certificate along with instructions for its installation and use. The entire process can take from several days to several weeks, depending on the speed and completeness of the required documents and the complexity of the verification itself.

Sectigo EV Code Signing Certificate Technical Support is available for customers who need assistance with installing, configuring, and using the certificate. Sectigo offers support through various communication channels, including email, phone, and an online ticketing system. Customers have access to an extensive knowledge base on the Sectigo website, which contains detailed instructions, step-by-step guides, and answers to frequently asked questions about using the EV Code Signing certificate. In case of urgent technical issues, a hotline is available, where specialists are ready to provide immediate assistance. Additionally, Sectigo offers online training and webinars to help users understand the processes related to code signing, certificate management, and security best practices. Technical support also includes help with resolving compatibility issues across platforms and operating systems, such as Microsoft Authenticode, Java, Adobe AIR, and macOS. This gives users the peace of mind that their software will be properly signed and recognized by security systems, which increases end-user confidence and protects the company’s reputation. Sectigo is committed to providing the highest level of customer service, enabling developers and organizations to focus on building high-quality software without worrying about security and code integrity issues.