Code Signing Certificates
Sign your code with a validated identity, at the right level for your needs
Four certificates, one purpose: prove that the software your users download came from you and hasn’t been touched since.
Code Signing Certificates
IV Code Signing
For individual developers
Personal name on every installer. No business docs required. Best for independent developers, open source maintainers, and freelancers.
OV Code Signing
For organizations
Organization name verified and displayed. Trusted on all Windows versions. Best for software companies and ISVs distributing to end users.
Sole Proprietor EV Code Signing
EV trust for individuals
Full EV benefits, kernel-mode driver signing, timestamped signatures, validated as an individual. No registered business entity required.
EV Code Signing
For maximum trust
Required for kernel-mode drivers and Windows Hardware Dev Center. Signatures survive certificate expiry. Organization entity required.
SSL.com offers IV Code Signing for individual developers, OV Code Signing for organizations, Sole Proprietor EV Code Signing for individuals and sole proprietors who need EV-level trust, and EV Code Signing for organizations requiring kernel-mode driver signing. All are trusted on Windows and available with cloud-HSM-backed signing via eSigner.
Compare Code Signing Certificates
| Feature | IV: Individual | OV: Organization | EV SP: Sole Proprietor | EV: Extended Validation |
|---|---|---|---|---|
| Who it’s for | Independent developers, open source maintainers | Software companies, ISVs, enterprises | Sole proprietors needing full EV trust | Enterprises, driver publishers, CI/CD pipelines |
| Name on installer | Individual’s verified name | Organization’s verified name | Individual’s verified name (EV-validated) | Organization’s verified name (all validations) |
| Trusted on Windows | Yes: all versions | Yes: all versions | Yes: all versions | Yes: all versions |
| Publisher Display | Displays the Organization Name in Windows security prompt | Displays the Organization Name in Windows security prompt | Displays the Organization Name in Windows security prompt | Displays the Organization Name in Windows security prompt |
| Kernel-mode driver signing | No | No | Yes: required | Yes: required |
| Business entity required | No | Yes | No (individual validation) | Yes |
| Storage requirement | Hardware token, HSM, or eSigner | Hardware token, HSM, or eSigner | Hardware token, HSM, or eSigner | Hardware token, HSM, or eSigner |
| Sign from any CI/CD pipeline: no hardware needed | Add eSigner for Code → Cloud HSM signing for CI/CD pipelines. Works with all four certificates. No hardware token required. | |||
| Get started | Buy IV → | Buy OV → | Buy EV SP → | Buy EV → |
Which certificate is right for you?
Shared requirements
Secure key storage
Private keys cannot be exported. Must be stored on a FIPS 140-2 validated hardware token, eSigner cloud HSM, or supported cloud HSM.
Timestamping
All signed code should be timestamped at signing; timestamps extend the validity of the signature beyond certificate expiry.
CA/B Forum Code Signing BR
All SSL.com code signing certificates are issued under the CA/B Forum Code Signing Baseline Requirements.
