Buy Organizational Validated (OV) Code Signing Certificates

Protected by SSL.com Digital Authentication Services

SSL.com Code Signing Certificates:

  • Protect users from malware and viruses by assuring the authenticity and integrity of downloaded code.
  • Organization Validation (OV) or Individual Validation (IV) included.
  • Trusted on all versions of Windows, preventing warning messages and errors when installing software.
  • eSigner cloud signing available
  • Malware Scan available: eSigner enrollment allows code to be scanned before being signed. Those found to be infected with malware are immediately blocked from signing. Head to our dedicated page and our how-to article to know more on the anti-malware features of eSigner.
  • CSC cloud signing standard compatible
  • Easily automate CI/CD pipeline code signings with CodeSignTool
  • Team sharing available when used with eSigner or CodeSignTool
  • Can be issued on a Federal Information Processing Standard 140-2 (FIPS) validated Yubikey USB token or through the SSL.com eSigner Cloud Signing Service. These two options are in compliance with the Certificate Authority/Browser (CA/B) Forum’s new key storage requirements to increase security for code signing keys.
  • Learn more

Need help? Visit the signing certificate ordering guide.

Please select a duration to begin your certificate order.

Duration:

Key Storage / Signing Method:

Yubikey Quantity:

$249 each
NEXT
Note: If you need kernel-mode driver signing (Microsoft HLK), do not purchase a YubiKey. Please contact us to order a Gemalto (SafeNet) token that supports RSA-based signing.
 
Private keys will be stored on a Yubico FIPS 140-2 validated security keyMultiple Yubikey USB tokens can be used with the same certificate identity and apply the same digital signature. This is a great option if more than one team member needs to sign with a physical token. The price includes shipping to the address of the validated entity, or an address listed in a qualified business information source.

NOTE: Private keys for SSL Code Signing Certificates cannot be exported, and certificates cannot be issued as downloadable .pfx files. Certificates must be generated and stored using an approved secure option such as a FIPS 140-2 validated-YubiKey USB token, SSL’s eSigner Cloud Signing Service, or a supported Cloud HSM.

eSigner Tier

Select the monthly or annual signature volume tier. Any unused signatures will roll over into the next month or year if there is an active certificate. Each tier provides a certain number of included credentials which are pre-selected based on the selected tier. Extra credentials can be purchased at $20 per month. Find pricing details here. New certificates will receive 30-days free of eSigner cloud signing. After the first 30 days, your monthly or annual subscription fees will be applied.
For multi-year subscription discounts, high-volume signature packages and custom solutions, please contact sales.
NEXT

Processing and Delivery:

Select a standard validation priority and shipping method at no charge or choose an expedited 2 business days validation service with overnight delivery to the continental United States.


Standard validation is completed in 3-5 days after all agreements and entity information has been submitted, are found to be compliant and a successful call back to a listed phone number has been completed. Standard shipping inside the continental US is 2-3 days. International shipping is tracked but the delivery timeline is subject to customs constraints and available local logistics.


With expedited delivery, the validation process is given 2 business days priority starting from point of complete material submission and successful call back. The token will then be shipped for overnight delivery in the continental US.

Yubikey Quantity:

$279 each
NEXT
Note: If you need kernel-mode driver signing (Microsoft HLK), do not purchase a YubiKey. Please contact us to order a Gemalto (SafeNet) token that supports RSA-based signing.
 
Private keys will be stored on a Yubico FIPS 140-2 validated security keyMultiple Yubikey USB tokens can be used with the same certificate identity and apply the same digital signature. This is a great option if more than one team member needs to sign with a physical token. The price includes shipping to the address of the validated entity, or an address listed in a qualified business information source.

NOTE: Private keys for SSL Code Signing Certificates cannot be exported, and certificates cannot be issued as downloadable .pfx files. Certificates must be generated and stored using an approved secure option such as a FIPS 140-2 validated-YubiKey USB token, SSL’s eSigner Cloud Signing Service, or a supported Cloud HSM.

Processing and Delivery:

Select a standard validation priority and shipping method at no charge or choose an expedited 2 business days validation service with overnight delivery to the continental United States.


Standard validation is completed in 3-5 days after all agreements and entity information has been submitted, are found to be compliant and a successful call back to a listed phone number has been completed. Standard shipping inside the continental US is 2-3 days. International shipping is tracked but the delivery timeline is subject to customs constraints and available local logistics.


With expedited delivery, the validation process is given 2 business days priority starting from point of complete material submission and successful call back. The token will then be shipped for overnight delivery in the continental US.

Effective March 1, 2026, new industry requirements from the CA/Browser Forum will limit the maximum validity period of publicly trusted code signing certificates to 458 days. In preparation, SSL.com began enforcing this 458-day cap on certificate issuance starting February 27, 2026. This change does not affect the total purchased term of a customer’s order, but individual certificates issued within that term may need to be reissued more frequently. Customers will still receive the full value of their purchase, even though each certificate will have a shorter lifespan. This update is mandatory across all publicly trusted certificate authorities and is designed to enhance security by reducing risk exposure and improving cryptographic agility.

Effective March 11, 2026, SSL/TLS certificate durations reduce to 200 days.

Learn More.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

Take Survey
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

For more information read our Cookie and privacy statement.

3rd Party Cookies

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Show details
Powered by  GDPR Cookie Compliance